Nearly half a million Kubernetes servers left open to the Internet

I waited for it to come. And it has come. There is a growing number of people who have run something they don't understand at all, and it is offered as a single-button deployment: Kubernetes.

Hundreds of thousands of endpoints running Kubernetes API have been exposed to the internet, and so could potentially be vulnerable to virus deployment and other cyberattacks, new research has found.
More here:
And TrueNAS SCALE will also be helped by the state it is in - an unfinished system that people are installing as ready-made, including their TrueCharts running on K3s.
The number of directly accessible instances of TrueNAS over 80 is increasing, and we will not have to wait long for similar messages.
Give people the opportunity to push their data out, they won't hesitate.

And it will grow.
default 6443 exposed to internet, OMG

I have already sent my research report to iX (TrueNAS) so that they could contact the exposed IP addresses I found in the list via Shodan (advanced filtering used, incl. 6443, ...) and offer them help to stop publishing the API server. After all, they actually have a forum, members, IP addresses, ...
This is pure tragedy.

btw, here is the original report:
