Analysts with Trend Micro have reported an update to a botnet that now collects Docker and Amazon Web Services (AWS) credentials after deploying an XMR crypto miner. Trend Micro had previously reported that a threat actor group they call TeamTNT established a botnet that attempted to access Docker containers with exposed APIs without a password. In this new version, after the miner Is deployed, the malware will try to steal AWS credentials and Docker API credentials to move laterally to other systems and siphon off more resources.
What Do Criminal Hackers and Scammers Discuss on Forums?
A message board or an internet forum is an online discussion site where users can