The TeamTNT hacking group has upped its game with a set of tools allowing it to indiscriminately target multiple operating systems.
On Wednesday, cybersecurity researchers from AT&T Alien Labs published a report on a new campaign, dubbed Chimaera, that is thought to have begun on July 25, 2021 — based on command-and-control (C2) server logs — and one that has revealed an increased reliance on open source tools by the threat group.
TeamTNT was first spotted last year and was connected to the installation of cryptocurrency mining malware on vulnerable Docker containers. Trend Micro has also found that the group attempts to steal AWS credentials to propagate on more servers, and Cado Security contributed the more recent discovery of TeamTNT targeting Kubernetes installations.
Now, Alien Labs says the group is targeting Windows, AWS, Docker, Kubernetes, and various Linux installations, including Alpine. Despite the short time period, the latest campaign is
The article Operation Chimaera: TeamTNT hacking group strikes thousands of victims worldwide originally appeared on ZDNet.