Akamai security researcher Larry Cashdollar set up a Docker container honeypot in a lab test. The honeypot was used for four different criminal campaigns in the span of 24 hours. The attacks included those wanting to use the container as a proxy to tap into Twitch streams, botnet infections; cryptomining; and a work-from-home scam. The 24-hour experiment highlights how quickly criminal activity can start to abuse cloud infrastructure, Cashdollar said, in a blog post.
Source: https://threatpost.com/poorly-secured-docker-image-rapid-attack/154874/