Security News > 2017 > July > Attack Uses Docker Containers To Hide, Persist, Plant Malware (Threatpost)

Attack Uses Docker Containers To Hide, Persist, Plant Malware (Threatpost)

2017-07-27 23:30

Abuse of the Docker API allows remote code execution on targeted system, which enables hackers to escalate and persists thanks to novel attacks called Host Rebinding Attack and Shadow Containers.

News URL

http://threatpost.com/attack-uses-docker-containers-to-hide-persist-plant-malware/126992/

#attack #docker #malware #threatpost

Related news

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet (source)
Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)
Perfctl malware strikes again as crypto-crooks target Docker Remote API servers (source)
VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Docker		24	0	19	36	20	75

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.