Cybersecurity researchers have discovered a new digital currency mining worm that specifically targets Amazon Web Services (AWS) credentials, in what is believed to be the first threat of its kind.
In a new report, cybersecurity firm Cado Security described the attack as “unsophisticated,” having raised only $ 300 according to blockchain data.
However, the report highlighted the unusual feature, specifically targeting AWS credentials, that could inspire a new generation of hackers intent on using stolen resources to extract bulk rewards.
Cado Security said this reflects a broader trend of hackers moving towards attacking cloud and container environments as more and more companies and other organizations switch to cloud-based services.
Known as TeamTNT, the hacker group recycled code from another worm, Kinsing, which was used to attack Alibaba Cloud Security tools. According to the report, this technique could now see future hackers copying TeamTNT code, which would mean that the prevalence of attacks against AWS will likely increase over time.
As has become common for mining attacks of this type, the TeamTNT worm uses XMRig to mine Monero. By collecting cloud resources from victims, the hackers were intent on augmenting their mining operations from compromised resources, enabling them to profit from mining Monero on a mass scale.
Research on MoneroOcean’s mining pool revealed 119 compromised systems that had so far been successfully attacked by the hack.
Mining attacks can be described as a form of cryptojacking, one of the fastest growing forms of online cybercrime. Cryptojacking attacks effectively steal processing power from unsuspecting victims, which hackers use to execute crypto mining scripts for their own benefit.
As a result, these types of attacks often go under the radar of detection, especially in organizations lacking the technical skills to understand the nature of the threat.
New to Bitcoin? Check out CoinGeek Bitcoin for beginners section, the ultimate resource guide to learn more about Bitcoin, as originally intended by Satoshi Nakamoto, and blockchain.