Virtualization Technology News and Information
Prevasio Completes First-Ever Full Security Scan of the Docker Hub, Reveals Critical Vulnerabilities & Malware Issues on 51 Percent of Containers

Prevasio, developers of next-generation dynamic threat analysis for Docker containers, today announced the completion of the first and only comprehensive security scan of the entire Docker Hub, encompassing more than four million public container images. Dubbed "Operation Red Kangaroo" by the company, the scan was completed using Prevasio's Analyzer, the company's innovative sandboxing and behavioral analysis system for Docker containers. The results show that Docker containers present a potentially serious risk to enterprise customers implementing container technology without adequate security protocols in place.

"With thousands of malicious or potentially harmful containers found by Prevasio, Docker Hub is not as resilient to attacks as previously thought," says Rony Moshkovich, CEO of Prevasio. "While most of the reported containers contain cryptocurrency miners, there are also a fair amount of 'trojanized' images of popular platforms, such as WordPress, Apache Tomcat, or Jenkins. Enterprises that have embraced Docker must be aware of these threats in order to protect their organizations and data."

Prevasio's analysis ran across the entire Docker Hub and found:

  • 51 percent of all containers had "critical" vulnerabilities, while 13 percent were classified as "high" and four percent as "moderate" vulnerabilities.
  • Six thousand containers were riddled with cryptominers, hacking tools/pen testing frameworks, and backdoor trojans. While many cryptominers and hacking tools may not be malicious per se, they present a potentially unwanted issue to an enterprise.
  • More than 400 examples (with nearly 600,000 pulls) of weaponized Windows malware crossing over into the world of Linux. This crossover is directly due to the proliferation of cross-platform code (e.g. GoLang, .NET Core and PowerShell Core).

"Docker adoption has become a standard for enterprise-class complex applications in the corporate world, with the majority of large enterprises implementing Docker containers in some form," says Alex Eckelberry, a security expert and advisor to Prevasio. "With containerization now ubiquitous, the attack surface has increased exponentially, and the results of this analysis should be of concern to any enterprise customer."

A full white paper illustrating in detail how the analysis was conducted and full results can be viewed at

Published Tuesday, December 01, 2020 12:37 PM by David Marshall