Bleeping Computer

Exposed Docker APIs Continue to Be Used for Cryptojacking

Exposed Docker APIs continue to be used by attackers to create new containers that perform cryptojacking. Earlier this year we reported on attackers utilizing insecure Docker and Kubernetes systems to ...
Dark Reading

Attackers Use Docker APIs, Tor Anonymity in Stealthy Crypto Heist

Threat actors are targeting cloud-based networks by exploiting misconfigured Docker APIs to gain access to containerized environments, then using the anonymity of Tor to hide their deployment of ...
Bleeping Computer

Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware

Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building ...
Dark Reading

Docker Leaks API Secrets & Private Keys, as Cybercriminals Pounce

Container images shared on Docker Hub are leaking sensitive data in the cloud, to the tune of tens of thousands of secrets. And attackers are scooping these up to be used to compromise a wide range of ...
CSOonline

Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent

A new attack campaign deploys malicious container images on cloud servers by exploiting insecure Docker Engine API endpoints. The malicious image contains a distributed denial-of-service (DDoS) botnet ...
Threat Post

Cryptomining Attack Exploits Docker API Misconfiguration Since 2019

Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency. Hackers behind a cryptomining campaign have managed to ...