Cryptojacker Targets Exposed Docker Daemon APIs

Source:- A new malware variant dubbed Black-T developed by the hacker group TeamTnT targets exposed Docker daemon APIs to perform scanning and cryptojacking operations, according to researchers at Palo Alto Unit 42. TeamTnT is a cloud-focused cryptojacking group that often targets AWS credential files on compromised cloud systems to mine for Monero. The researchers found that Black-T includes features not found in the group’s earlier malware, including “targeting and stopping of previously unknown cryptojacking worms – the Crux worm, ntpd

Read more