Cryptomining botnet now has capability to steal Amazon Web Services user credentials, researchers say. Botnet originally targeted networks using vulnerable or unprotected Docker containers. Cado: Botnet has been upgraded to target Kubernetes installations. Hackers planted XMRig mining malware to mine for monero cryptocurrency, according to Cado. So far, Cado has found two digital wallets associated with the TeamTNT gang that contain a total of about $300 worth of monero, but the report notes there could be other wallets.”]
Source: https://www.cuinfosecurity.com/cryptomining-botnet-steals-aws-credentials-a-14856