New form of Linux malware has a clever use for the Dogecoin API

Gadget

Post Tags



As more businesses shift their workloads to cloud environments, Linux threats are becoming increasingly common and cybercriminals have devised new tools and techniques to launch attacks against Linux infrastructure.

One technique they often employ is scanning for publicly accessible Docker servers and then abusing misconfigured Docker API ports to set up their own containers and execute malware on their victim’s infrastructure. The Ngrok botnet is one of the longest ongoing attack campaigns that leverages this technique and a new report from Intezer Labs shows that it takes only a few hours for a new misconfigured Docker server to be infected by this campaign.



Source link

Comments are closed.