TechRadar

Docker API servers being hit to spread cryptomining malware

Hackers are targeting vulnerable Docker remote API servers, and using them to mine cryptocurrencies on the underlying hardware, experts have warned. Cybersecurity researchers from Trend Micro stated ...
Bleeping Computer

Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware

Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building ...
Bleeping Computer

Vulnerable Docker Hosts Actively Abused in Cryptojacking Campaigns

Hundreds of vulnerable and exposed Docker hosts are being abused in cryptojacking campaigns after being compromised with the help of exploits designed to take advantage of the CVE-2019-5736 runc ...
Dark Reading

Attackers Use Docker APIs, Tor Anonymity in Stealthy Crypto Heist

Threat actors are targeting cloud-based networks by exploiting misconfigured Docker APIs to gain access to containerized environments, then using the anonymity of Tor to hide their deployment of ...
TechRadar

Docker instances targeted in major cryptojacking scam

A new cryptojacking campaign has been spotted leveraging poorly-secured Docker remote API servers, experts have claimed. Cybersecurity researchers from Trend Micro have detailed a campaign they dubbed ...
Dark Reading

Docker Under Siege: Cybercriminals Compromise Honeypots to Ramp Up Attacks

Cybercriminals are ramping up their attacks on the Docker Engine — the software foundation of the container infrastructure used by many cloud-native companies. Researchers flagged a pair of cyber ...
Threat Post

TeamTNT Gains Full Remote Takeover of Cloud Instances

Using a legitimate tool called Weave Scope, the cybercrime group is establishing fileless backdoors on targeted Docker and Kubernetes clusters. The TeamTNT cybercrime gang is back, attacking Docker ...