SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.teamtnt (Back to overview)

TeamTNT


Since Fall 2019, Team TNT is a well known threat actor which targets *nix based systems and misconfigured Docker container environments. It has constantly evolved its capabilities for its cloud-based cryptojacking operations. They have shifted their focus on compromising Kubernetes Clusters.

References
2023-07-13Aqua NautilusAssaf Morag, Ofek Itach
TeamTNT Reemerged with New Aggressive Cloud Campaign
TeamTNT
2023-07-05Aqua NautilusAssaf Morag, Ofek Itach
Threat Alert: Anatomy of Silentbob’s Cloud Attack
TeamTNT Tsunami
2022-07-18Palo Alto Networks Unit 42Unit 42
Thief Libr
TeamTNT Watchdog
2022-07-18Palo Alto Networks Unit 42Unit 42
Adept Libra
TeamTNT TeamTNT
2022-03-02CyberArkCyberArk Labs
Conti Group Leaked!
TeamTNT Conti TrickBot
2022-02-18IntezerIntezer
TeamTNT Cryptomining Explosion
TeamTNT
2022-02-09vmwareVMWare
Exposing Malware in Linux-Based Multi-Cloud Environments
ACBackdoor BlackMatter DarkSide Erebus HelloKitty Kinsing PLEAD QNAPCrypt RansomEXX REvil Sysrv-hello TeamTNT Vermilion Strike Cobalt Strike
2022-01-01Toli SecurityToli Security
Active crypto-mining operation by TeamTNT
TeamTNT
2021-12-07sysdigAlberto Pellitteri
Threat news: TeamTNT stealing credentials using EC2 Instance Metadata
TeamTNT
2021-12-01Trend MicroTrend Micro Research
Analyzing How TeamTNT Used Compromised Docker Hub Accounts
TeamTNT
2021-11-03Trend MicroAlfredo Oliveira, David Fiser
TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments
TeamTNT
2021-10-07UptycsSiddharth Sharma
Team TNT Deploys Malicious Docker Image On Docker Hub
TeamTNT
2021-10-06AnomaliTara Gould
Inside TeamTNT’s Impressive Arsenal: A Look Into A TeamTNT Server
TeamTNT
2021-09-14Cado SecurityCado Security
TeamTNT Script Employed to Grab AWS Credentials
TeamTNT Tsunami
2021-09-08AT&TOfer Caspi
TeamTNT with new campaign aka “Chimaera”
TeamTNT
2021-09-01IntezerIntezer
TeamTNT: Cryptomining Explosion
TeamTNT Tsunami
2021-07-20Trend MicroAlfredo Oliveira, David Fiser
Tracking the Activities of TeamTNT: A Closer Look at a Cloud-Focused Malicious Actor Group
TeamTNT
2021-02-20MalpediaMalpedia
Malpedia Website for Malware Family Team TNT
TeamTNT TeamTNT
2021-02-17AquasecAssaf Morag
Threat Alert: TeamTNT Pwn Campaign Against Docker and K8s Environments
TeamTNT TeamTNT
2021-02-03Palo Alto Networks Unit 42Ariel Zelivansky, Aviv Sasson, Jay Chen
Hildegard: New TeamTNT Malware Targeting Kubernetes
TeamTNT TeamTNT
2021-01-27AT&TOfer Caspi
TeamTNT delivers malware with new detection evasion tool
TeamTNT TeamTNT
2021-01-05Lacework LabsLacework Labs
TeamTNT Builds Botnet from Chinese Cloud Servers
TeamTNT TNTbotinger TeamTNT
2020-12-21IntezerIntezer
Top Linux Cloud Threats of 2020
AgeLocker AnchorDNS Blackrota Cloud Snooper Dacls Doki FritzFrog IPStorm Kaiji Kinsing NOTROBIN Penquin Turla PLEAD Prometei RansomEXX Stantinko TeamTNT TSCookie WellMail elf.wellmess TeamTNT
2020-12-02Aqua NautilusAssaf Morag, Idan Revivo
Threat Alert: Fileless Malware Executing in Containers
TeamTNT
2020-09-30Aqua NautilusAssaf Morag
Threat Alert: TeamTNT is Back and Attacking Vulnerable Redis Servers
TeamTNT
2020-08-25Aqua NautilusAssaf Morag
Deep Analysis of TeamTNT Techniques Using Container Images to Attack
TeamTNT Tsunami XMRIG
2020-08-17Cado SecurityChris Doman
Team TNT – The First Crypto-Mining Worm to Steal AWS Credentials
TeamTNT TeamTNT
2020-08-17Cado SecurityChris Doman, James Campbell
Team TNT - The First Crypto-Mining Worm to Steal AWS Credentials
TeamTNT

There is no Yara-Signature yet.