Threat actors are targeting vulnerable Docker services by deploying the XMRig cryptocurrency miner and the 9Hits Viewer software to make money from compromised hosts. The method used to spread the malware is unclear but is likely to involve scanning for prospects using search engines. The servers are breached to deploy two malicious containers via the Docker API, leaving the servers unable to perform as expected.
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some
