Security News > 2021 > February > New Malware Hijacks Kubernetes Clusters to Mine Monero

New Malware Hijacks Kubernetes Clusters to Mine Monero
2021-02-03 20:50

Researchers have discovered never-before-seen malware, dubbed Hildegard, that is being used by the TeamTNT threat group to target Kubernetes clusters.

Eventually, they warn, TeamTNT may launch a more large-scale cryptojacking attack via Kubernetes environments or steal data from applications running in Kubernetes clusters.

While the malware utilizes many of the same tools and domains identified in TeamTNT's previous campaigns, it also harbors multiple new capabilities that make it more stealthy and persistent, said researchers.

TeamTNT. The new malware is only the latest change from the TeamTNT cybercrime group, which is known for cloud-based attacks, including targeting Amazon Web Services credentials in order to break into the cloud and use it to mine for the Monero cryptocurrency.

Last week, researchers found that the group had added a new detection-evasion tool to its arsenal, helping its cryptomining malware skirt by defense teams.

"This new TeamTNT malware campaign is one of the most complicated attacks targeting Kubernetes," said researchers.


News URL

https://threatpost.com/new-malware-hijacks-kubernetes-clusters-to-mine-monero/163629/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Kubernetes 19 5 45 35 8 93