#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

TeamTNT | Breaking Cybersecurity News | The Hacker News

TeamTNT's Silentbob Botnet Infecting 196 Hosts in Cloud Attack Campaign

TeamTNT's Silentbob Botnet Infecting 196 Hosts in Cloud Attack Campaign

Jul 13, 2023 Cloud Security / Cryptocurrency
As many as 196 hosts have been infected as part of an aggressive cloud campaign mounted by the TeamTNT group called  Silentbob . "The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx servers, Weave Scope, SSH, and Jupyter applications," Aqua security researchers Ofek Itach and Assaf Morag  said  in a report shared with The Hacker News. "The focus this time seems to be more on infecting systems and testing the botnet, rather than deploying cryptominers for profit." The development arrives a week after the cloud security company  detailed  an intrusion set linked to the TeamTNT group that targets exposed JupyterLab and Docker APIs to deploy the Tsunami malware and hijack system resources to run a cryptocurrency miner. The latest findings suggest a broader campaign and the use of a larger attack infrastructure than previously thought, including various shell script
Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration

Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration

Mar 16, 2023 Cryptojacking / Cyber Attack
The cryptojacking group known as  TeamTNT  is suspected to be behind a previously undiscovered strain of malware used to mine Monero cryptocurrency on compromised systems. That's according to Cado Security, which  found  the  sample  after Sysdig detailed a sophisticated attack known as  SCARLETEEL  aimed at containerized environments to ultimately steal proprietary data and software. Specifically, the early phase of the attack chain involved the use of a cryptocurrency miner, which the cloud security firm suspected was deployed as a decoy to conceal the detection of data exfiltration. The artifact – uploaded to VirusTotal late last month – "bear[s] several syntactic and semantic similarities to prior TeamTNT payloads, and includes a wallet ID that has previously been attributed to them," a new analysis from Cado Security has  revealed . TeamTNT , active since at least 2019, has been documented to repeatedly strike cloud and container environments to deploy cryptocur
Webinar: Learn How to Stop Hackers from Exploiting Hidden Identity Weaknesses

Webinar: Learn How to Stop Hackers from Exploiting Hidden Identity Weaknesses

Apr 10, 2024Webinar / Identity Security
We all know passwords and firewalls are important, but what about the invisible threats lurking beneath the surface of your systems? Identity Threat Exposures (ITEs) are like secret tunnels for hackers – they make your security way more vulnerable than you think. Think of it like this: misconfigurations, forgotten accounts, and old settings are like cracks in your digital fortress walls. Hackers exploit these weaknesses to steal login information, gain sneaky access, and move around your systems unnoticed, whether they're in the cloud or on-site. This upcoming webinar,  " Today's Top 4 Identity Security Threat Exposures: Are You Vulnerable? "  isn't just for tech experts—it's about protecting your business.  We'll use real-world examples and insights from Silverfort's latest report to show you the hidden dangers of ITEs. You'll learn about: The Top 4 Identity Threats You Might Be Overlooking:  We'll name them and explain why they're
Cybersecurity Resources