Security experts said they’ve discovered the first known malware strain that targets and then escapes Windows Server containers in order to infect a victim’s Kubernetes cluster infrastructure.
TeamTNT, a crypto-mining botnet specialized in infecting misconfigured Docker and Kubernetes platforms, has compromised more than 50,000 systems over the last three months, between March and May 2021, security firm Trend Micro said last week.
A sophisticated threat actor is targeting web hosting software in order to install backdoors and drop rootkits on Linux servers.
If you forget to update or properly secure an internet-connected server or web app, the chances are that a crypto-mining botnet will infect it first, long before any nation-state hacking group. Crypto-mining botnets have been a plague on the internet for the past three years, and despite the space being more than saturated, new botnets are being built and discovered on a regular basis, driven mainly by cybercriminals’ unquenched thirst for easy money.