TeamTNT is known for its targeting of Amazon Web Services credentials, to break into the cloud and use it to mine for Monero cryptocurrency. With Black-T, the group has added in additional capabilities to its tactics, techniques and procedures (TTPs) These include the addition of sophisticated network scanners; the targeting of competitor XMR mining tools on the network; and the use of password scrapers. With increasingly sophisticated TTPs, the cybercriminal gang appears to be gaining steady momentum.
Source: https://threatpost.com/blackt-cryptojacker-teamtnt/159853/