Aqua Blog

Threat Alert: Supply Chain Attacks Using Container Images

Threat Alert: Supply Chain Attacks Using Container Images

Team Nautilus, Aqua Security’s threat research team, has uncovered several supply chain attacks that use malicious container images to compromise their victim. These five container images were found on Docker Hub, which we scan daily for signs of malicious activity. The images hijack organizations’ resources to mine cryptocurrency and can be used as part of a supply chain attack targeting cloud native environments.

Below are the five malicious container images we detected:

Container image in Docker Hub




Number of pulls



cryptominer script 




cryptominer script 




cryptominer script 





Execute xmrig 





Execute xmrig 


Analysis of the container images

The first three container images – thanhtudo, thieunutre, and chanquaa – all execute the script This Python script was part of several previous campaigns that used typo squatting to hide malicious container images in Docker Hub (azurenql, about 1.5 million pulls). As seen below, the script executes a binary called xmrig (MD5: 4873e560df68ad96c3de08164b139b09), which is a Monero cryptocurrency miner hiding in one of the layers of the container image.

analysis of container images

Two of the container images – openjdk and golang – used misleading titles that suggest they are official container images from OpenJDK and Golang, respectively. They are designed so that a user who is unfocused or in a hurry might mistake them as official container images, even though the Docker Hub accounts responsible for them are not official accounts. Once they are running, they may look like an innocent container. After running, the binary xmrig is executed (MD5: 16572572588c2e241225ea2bf6807eff), which hijacks resources for cryptocurrency mining.

While the first two container images are likely to be used as part of a supply chain attack, the rest are less likely to be considered as popular or legitimate container images. Collectively, these malicious container images gained more than 120,000 pulls.

How to protect against supply chain attacks

Attackers are increasingly targeting organizations’ software supply chains, and in some cases, they are getting better at hiding their attacks. Therefore, companies should improve their defensive measures to reduce the risk of falling victim to this type of attack. Here are some recommendations that will help you improve your security posture:

Control access to public registries

When running containers from a public registry, treat the registry as a source with a high risk of supply chain attacks. Attackers are trying to trick developers into inadvertently pulling malicious container images by camouflaging them as popular ones. To reduce risk, create a curated internal registry for base container images and limit who can access public registries. Enact policies that ensure container images are vetted before they are included in the internal registry.

Scan container images for malware using both static and dynamic analysis

Sophisticated attacks are often able to avoid detection when organizations use static, signature- or pattern-based scanning. For example, threat actors can evade detection by embedding code in container images that downloads malware only during runtime.

That’s why in addition to scanning any external unvetted container images for vulnerabilities, you need to use tools, such as Aqua Dynamic Threat Analysis (DTA), that dynamically analyze the container behavior in a sandbox to identify attack vectors that wouldn’t be detected with static code scanning.

Digitally sign container images or use other methods of maintaining image integrity

It’s important to ensure that the container images in use are the same ones that have been vetted and approved. Using the Aqua platform, all scanned container images are automatically fingerprinted and tracked, which detects and prevents the use of non-compliant or unknown container images in your environment.


Supply chain attacks are a major threat to cloud native environments. Team Nautilus has identified five malicious container images that are hosted on Docker Hub, all of which aim to hijack resources for cryptocurrency mining. Organizations should create a security strategy that can detect and prevent supply chain attacks at every stage of the application lifecycle – from build to production.

To learn more about attacks on cloud native environments, read the latest Cloud Native Threat Report: Attacks in the Wild on Container Infrastructure.

Assaf Morag
Assaf is a Lead Data Analyst at Aqua Nautilus research team, he focuses on supporting the data needs of the team, obtaining threat intelligence and helping Aqua and the industry stay at the forefront of new threats and methodologies for protection. His work has been published in leading info security publications and journals across the globe, and most recently he contributed to the new MITRE ATT&CK Container Framework.