Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances

Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances

Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial gain. “The attackers used the cmd.cat/chattr docker image container that retrieves the payload from Read more…

Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years

Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years

Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious “imageless” containers over the past five years, once again underscoring how open-source registries could pave the way for supply chain attacks. “Over four million of the repositories in Read more…

Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining

Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining

Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to deliver a cryptocurrency miner and spawn a reverse shell for persistent remote Read more…

Cryptojacking Campaign

Exposed Docker APIs Under Attack in ‘Commando Cat’ Cryptojacking Campaign

Exposed Docker APIs Under Attack in ‘Commando Cat’ Cryptojacking Campaign Feb 01, 2024NewsroomCryptojacking / Linux Security Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. “The campaign deploys a benign container generated using the Commando project,” Cado security researchers Nate Bill Read more…

OracleIV DDoS Botnet

OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers Nov 14, 2023NewsroomCloud Security / Malware Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service (DDoS) botnet dubbed OracleIV. “Attackers are exploiting this Read more…