Security News > 2024 > October > Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks
2024-10-22 14:00
Bad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances, according to new findings from Trend Micro. "In this attack, the threat actor used the gRPC protocol over h2c to evade security solutions and execute their crypto mining operations on the Docker host," researchers Abdelrahman Esmail and Sunil Bharti said in a technical
News URL
https://thehackernews.com/2024/10/cybercriminals-exploiting-docker-api.html
Related news
- Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign (source)
- New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks (source)
- Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals (source)
- Hackers abuse Zoom remote control feature for crypto-theft attacks (source)
- Hitachi Vantara takes servers offline after Akira ransomware attack (source)
- How cybercriminals exploit psychological triggers in social engineering attacks (source)
- Samsung MagicINFO 9 Server RCE flaw now exploited in attacks (source)
- Chinese hackers behind attacks targeting SAP NetWeaver servers (source)