TeamTNT, a recently uncovered hacking group, uses botnets to help install cryptominers in cloud environments. The group is weaponizing Weave Scope, a legitimate cloud monitoring tool. The tool integrates with Docker, Kubernetes and Amazon Web Services to gain access to these platforms and install malicious code, reports say. Microsoft and Intezer reports that the current campaign has been active since mid-August, and researchers detected the malicious activities from a server located in Germany. Weave Works issued an advisory about how to ensure that its tool is not used by hackers.”]
Source: https://www.cuinfosecurity.com/hackers-use-cloud-monitoring-tool-to-install-cryptominers-a-14976