Docker Gatling Gun Campaign

SUMMARY :

Recent research has uncovered a new malicious campaign orchestrated by the notorious hacking group TeamTNT. This campaign exploits exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, utilizing compromised servers and Docker Hub as infrastructure for spreading their malicious payloads. TeamTNT is leveraging native cloud capabilities by appending compromised Docker instances to a Docker Swarm and using Docker Hub to store and distribute their malware, aiming to rent out victim's computational resources to third parties for cryptomining operations.

OPENCTI LABELS :

cryptomining,sliver,docker,malicious,campaign,prochider


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Docker Gatling Gun Campaign