Security researchers have discovered a new one crypto-mining company capable of AWS theft credentials from infected servers. This is the first crypto-mining malware which has this capability.
This new data theft feature was detected in crypto-mining malware introduced in TeamTNT, a malicious hacking group that targets Docker facilities.
The group has been active since at least April, according to a report released by the company security Trend Micro.
According to the researchers’ report, TeamTNT scans the Internet for systems Docker that have left their management API exposed to Internet without password.