Crypto hacker TeamTNT might be planning a new large-scale attack. According to reports from Assaf Morag, director of threat intelligence at cloud security firm Aqua the notorious gang TeamTNT seems to be preparing for a new, extensive campaign that will target cloud-native systems for cryptocurrency mining and the rental of compromised servers to outside parties.
Assaf stated in the report, that the group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm. Crypto miners using compromised servers and Docker Hub are being used as the infrastructure to spread the malware.
The attack group TeamTNT has mostly targeted containerized and cloud settings. Since at least October 2019, the group has been active, and its primary focus has been on using cloud and container resources to install cryptocurrency miners in environments that are vulnerable.
Crypto Hacks Become More Sensitive and Difficult To Track
The attack activity demonstrates the threat actor’s tenacity, adaptability, and capacity to launch multi-phase attacks in an attempt to compromise Docker systems and recruit them into a Docker Swarm.
In addition to hosting and disseminating their malicious payloads via Docker Hub, TeamTNT has been seen to diversify its revenue streams by renting out the victims’ processing power to third parties for illegal Bitcoin mining.
The attack campaign was hinted at earlier this month when Datadog revealed malevolent attempts to gather compromised Docker instances into a Docker Swarm, hinting that TeamTNT might be responsible without providing an official attribution. However, up until now, the operation’s entire scope has been unclear.
Also read US Prosecutors Demand 5-YR Sentence for Crypto Hacker Tied With $6B Bitfinex Fraud
Ronin Network Under Investigation After $9.33M Suspected Hack
Crypto Hacks Pose Threat To Industry
Crypto hacks and attacks have been a problem for the industry for a long time now. The reported losses from cryptocurrency-related investment fraud schemes rose from $2.57 billion in 2022 to $3.96 billion in 2023, a 53% rise.
Since the tech-heavy market has a lot of usage of the online world, it makes it more susceptible to such hacks and attacks.
Even if the market has advanced, there are still instances of cryptocurrency fraud and scams in 2024. People between the ages of 30 and 39 and 40 and 49 have made the most complaints regarding Bitcoin investment fraud, while people over 60 have reported the most losses (more than $1.24 billion) so far this year.
Also read: Indian Crypto Exchange WazirX Hacked, $234.9M Funds Compromised
Currently, cryptocurrency is used for a variety of purposes, be it regular expenses or even large transactions. However, because of their inherent characteristics, cryptocurrencies are more likely to be exploited as a tool for money laundering, fraud, ransomware, and terrorism financing.