The Intezer team discovered a number of unprotected instances operated by companies in the IT, finance, and logistics industries that allow anyone to deploy workflows. Malicious actors have used the nodes to deploy crypto-miners in some cases.

Argo Workflows is an open-source, Kubernetes-based workflow engine that allows customers to run parallel operations from a single interface, minimizing deployment complexity and reducing the risk of failure. Argo uses YAML files to specify the type of work to be done, with workflows being run either from a template or directly from the Argo console.

Threat actors might access an unprotected Argo dashboard and deploy their workflow on the misconfigured server, according to Intezer. In one of the reported attacks, the adversary used kannix/monero-miner, a known crypto-currency mining container that has been removed from Docker Hub. Threat actors are abusing the container to carry out crypto-jacking. It uses XMRig to mine for Monero and can be easily adjusted by changing only the address of the crypto-wallet where the mined virtual coins should be deposited.

To see whether their instances have been correctly configured, users can simply access the Argo Workflows dashboard from outside the corporate network, using an incognito browser and without authentication.

“Another option is to query your instance’s API and look at the status code. Request information from [your.instance:port]/api/v1/info using HTTP GET. For an unauthenticated user, a returned HTTP status code of “401 Unauthorized” indicates a correctly configured instance, whereas a successful status code of “200 Success” could suggest that an unauthorized user is able to access the instance,” according to Intezer.

Users should also check their Argo instances for any unusual behavior and make sure that no workflows have been running for an extended period of time, since this could suggest the deployment of a crypto-miner in the cluster.
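
The status-code check Intezer describes can be scripted for instances you operate. The following is an added example, not code from Intezer or the Argo project; the function names are hypothetical, and it deliberately refuses to follow redirects so that a login page reached through a redirect is not mistaken for an open instance.

```python
import ssl
import urllib.error
import urllib.request

INFO_PATH = "/api/v1/info"  # endpoint named in the article


def classify(status):
    """Map the HTTP status of an unauthenticated GET to a verdict."""
    if status == 401:
        return "ok: authentication required"
    if status == 200:
        return "EXPOSED: unauthenticated access allowed"
    return f"inconclusive: HTTP {status}"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    # Do not follow redirects: a 302 to an SSO login page would otherwise
    # end in a 200 from the identity provider and look like exposure.
    def redirect_request(self, *args, **kwargs):
        return None


def check_instance(base_url, timeout=5.0, verify_tls=True):
    """Send one GET with no credentials to your own instance and classify it."""
    ctx = ssl.create_default_context()
    if not verify_tls:  # for self-signed certificates on internal instances
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    opener = urllib.request.build_opener(
        _NoRedirect, urllib.request.HTTPSHandler(context=ctx))
    try:
        with opener.open(base_url.rstrip("/") + INFO_PATH, timeout=timeout) as r:
            return classify(r.status)
    except urllib.error.HTTPError as e:  # 3xx/4xx/5xx responses arrive here
        return classify(e.code)
    except (urllib.error.URLError, OSError) as e:
        return f"unreachable: {e}"


if __name__ == "__main__":
    import sys
    for url in sys.argv[1:]:  # e.g. https://your.instance:port (placeholder)
        print(url, "->", check_instance(url))
```

Run it from a host outside the corporate network, as the article suggests for the browser check, so the result reflects what an unauthenticated outsider would see.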