Security News > 2020 > June > XORDDoS, Kaiji DDoS Botnets Target Docker Servers
The distributed denial-of-service botnets named XORDDoS and Kaiji recently started targeting exposed Docker servers, Trend Micro warned on Monday.
Trend Micro has recently spotted variants that also target Docker servers.
The main difference between how XORDDoS and Kaiji target Docker servers is that the former infects all existing containers on the server, while the latter deploys the malware in its own container.
Once it has compromised a Docker server, XORDDoS runs a series of commands to identify containers and infect them with the malware that helps threat actors launch DDoS attacks, including SYN, ACK and DNS attacks.
Trend Micro researchers have also found a link between XORDDoS and a DDoS botnet tracked as AESDDoS and Dofloo, which has been known to target Docker.