When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
A new cryptojacking campaign has been spotted leveraging poorly-secured Docker remote API servers, experts have claimed.
The researchers believe the binary to be ZiggyStarTux, an open-source IRC bot built on the Kaiten malware.
“This tactic allows attackers to exploit vulnerabilities in Docker configurations while evading detection by security software.”
The goal of the campaign is to generate cryptocurrency for the attackers.
Themalwarebeing deployed is a cryptominer, a lightweight program that mines cryptocurrency, usually Monero (XMR).
Mining is a colloquial term for complex operations that usually take up almost all of the machines computing power.
Furthermore, with mining being so compute-intensive, it can rake up quite the electricity bill.
ViaThe Hacker News
