A cryptomining botnet now has the capability to steal Amazon Web Services user credentials, researchers say. The botnet originally targeted networks using vulnerable or unprotected Docker containers. It appears the botnet has been upgraded to target Kubernetes installations, according to the report from Cado. Cado has found two digital wallets associated with the TeamTNT gang that contain a total of about $300 worth of monero, but there could be other attacks and infected networks. So far, so far, the cybercriminal gang apparently hasnt attempted to sell any stolen AWS credentials or use them to support the scheme.”]
Source: https://www.databreachtoday.com/cryptomining-botnet-steals-aws-credentials-a-14856