SecuriTricks

Attack reports

Attackers deploying new tactics in campaign targeting exposed Docker APIs

Published: June 20, 2024

Datadog Security Researchers recently encountered a new campaign that targets Docker API endpoints publicly exposed without authentication, with the objective of spreading cryptojacking malware. The observed TTPs bear resemblance to those seen in Spinning YARN, another campaign discovered in March …

Downloadable IOCs 37

docker

2024-06-20

xmrig miner

compiler

yarn

docker host

spinning yarn

docker engine

mnt directory

go code

tencent

vurl

exeremo

chkstart

execstartpost

» Click here to see all Attack Reports «

Tag: yarn

Attack reports

Attackers deploying new tactics in campaign targeting exposed Docker APIs