Tag: containers

2 Attack Reports | 0 Vulnerabilities

Attack reports

VoidLink threat analysis: C2-compiled kernel rootkits discovered

The Sysdig Threat Research Team analyzed VoidLink, a sophisticated Linux malware framework targeting cloud environments. Key findings include the first documented Serverside Rootkit Compilation, Chinese development with AI assistance, adaptive detection evasion, and use of the Zig programming langu…
linux
rootkit
evasion
cloud
c2
containers
stealth
kernel
voidlink
2026-01-19
ebpf
zig
Published: January 19, 2026
Downloadable IOCs: 9

Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers

This report details a cryptojacking campaign exploiting exposed Docker remote API servers. Threat actors employ the cmd.cat/chattr Docker image for initial access, utilizing techniques like chroot and volume binding to break out of the container and access host systems. They deploy cryptocurrency m…
malware
cryptocurrency
cloud
2024-06-07
cryptojacking
docker
containers
ziggystartux
Published: June 7, 2024
Downloadable IOCs: 7
Click here to see more Attack Reports