TeamTNT hacking group is targeting vulnerable Docker systems in ongoing campaign. Researchers at TrendMicro say the group has three distinct goals: install Monero cryptominers, scan for other vulnerable Internet-exposed Docker instances, and perform container-to-host escapes to access the main network. TrendMicro has seen over 150,000 pulls of images from the malicious Docker Hub accounts as part of this campaign. The group previously used credential stealers that would rake in credentials from configuration files to gain information from compromised servers.”]