# TeamTNT's New Trump Card

Researchers from Palo Alto Networks detected TeamTNT's Hildegard malware targeting Kubernetes systems in January, at its reconnaissance and weaponization stage.

To gain access to Kubernetes environments for cryptojacking, and potentially to exfiltrate confidential data from tens of thousands of applications running in the clusters, the attackers primarily leveraged misconfigured kubelet agents. The Hildegard malware uses a tmate reverse shell and an IRC channel to establish C&C connections. It uses a recognized Linux process name (bioset) to mask the malicious process. Moreover, the malware hides malicious functions using library injection for security evasion, and encrypts the malicious payload inside a binary to make automated static analysis more difficult.
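A defensive check for the process-name masquerade described above, as an added example that is not from the original article or from Palo Alto Networks: it flags a userland process that carries a kernel-thread name such as bioset. The watch list, the sample `/proc` records and the function names are assumptions constructed for illustration.

```python
import os

PF_KTHREAD = 0x00200000  # kernel-thread bit in the flags field of /proc/<pid>/stat
# Assumed watch list of kernel-thread names; "bioset" is the one the article names.
KTHREAD_NAMES = {"bioset", "kthreadd", "kworker", "ksoftirqd", "migration"}

def parse_stat(stat_line):
    """Return (pid, comm, ppid, flags). comm may contain spaces or ')'."""
    left, right = stat_line.rsplit(")", 1)   # split on the LAST ')'
    pid, comm = left.split(" (", 1)
    fields = right.split()                   # [0]=state [1]=ppid ... [6]=flags
    return int(pid), comm, int(fields[1]), int(fields[6])

def is_masquerading(stat_line, cmdline):
    """True when a userland process uses a kernel-thread name."""
    _pid, comm, ppid, flags = parse_stat(stat_line)
    if comm.split("/")[0] not in KTHREAD_NAMES:
        return False
    # A real kernel thread has PF_KTHREAD set, is kthreadd (ppid 0) or its
    # child (ppid 2), and has an empty cmdline. Userland cannot set the flag.
    genuine = bool(flags & PF_KTHREAD) and ppid in (0, 2) and not cmdline
    return not genuine

def scan_proc(root="/proc"):
    """Return PIDs on the live host whose name imitates a kernel thread."""
    hits = []
    for entry in filter(str.isdigit, os.listdir(root)):
        try:
            with open(f"{root}/{entry}/stat", errors="replace") as f:
                stat = f.read()
            with open(f"{root}/{entry}/cmdline", "rb") as f:
                cmdline = f.read()
        except OSError:
            continue  # process exited between listdir and open
        if is_masquerading(stat, cmdline):
            hits.append(int(entry))
    return sorted(hits)

# Constructed sample records (not taken from a real infection).
SAMPLES = [
    ("37 (bioset) S 2 0 0 0 -1 69238880 0 0 0 0", b""),          # real kthread
    ("4121 (bioset) S 1 4121 4121 0 -1 4194560 0 0 0 0", b"./bioset\x00"),
    ("900 (a) b) S 1 900 900 0 -1 4194560 0 0 0 0", b"a\x00"),   # odd comm
]

if __name__ == "__main__":
    for stat, cmd in SAMPLES:
        print(parse_stat(stat)[:2], "SUSPICIOUS" if is_masquerading(stat, cmd) else "ok")
```

On a Linux node, `scan_proc()` applies the same test to every live process and returns the PIDs that warrant a closer look.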

# Recent attacks

The group used a detection evasion method called libprocesshider in the preceding month, which was copied from open source repositories. TeamTNT hackers used malicious shell scripts, along with AWS passwords, and deployed cryptocurrency miners to exfiltrate Docker API logins. In another analysis, Palo Alto researchers discovered an Ezuri loader in the group's newly formed arsenal. In December, the TeamTNT group deployed a distributed denial of service (DDoS) capable IRC bot named TNTbotinger.

# Wrapping up

With new tools and malware, TeamTNT has been constantly expanding its capabilities and arsenal. It may be more profitable to attack a Kubernetes cluster than a compromised Docker host. The threat actor may be expected to carry out a large-scale attack in the near future with more advanced techniques for initial access, execution, defense evasion, and command and control.