Console

Execution: Cryptomining Docker Image

This document describes a threat finding type in Security Command Center. Threat findings are generated by threat detectors when they detect a potential threat in your cloud resources. For a full list of available threat findings, see Threat findings index.

Finding description

A Cloud Run service or job was created or revised by adding a known bad docker image that can do cryptomining.

To respond to this finding, do the following:

Check the container image to determine if this was expected.
Delete the compromised container and replace it with a new container.

What's next

Learn how to work with threat findings in Security Command Center.
Refer to the Threat findings index.
Learn how to review a finding through the Google Cloud console.
Learn about the services that generate threat findings.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-08-21 UTC.

Execution: Cryptomining Docker Image Stay organized with collections Save and categorize content based on your preferences.

Finding description

What's next

Execution: Cryptomining Docker Image