Quote:Researchers have discovered the latest cryptojacking malware gambit from TeamTNT, called Black-T. The variant builds on the group’s typical approach, with a few new — and sophisticated — extras.
TeamTNT is known for its targeting of Amazon Web Services (AWS) credentials, to break into the cloud and use it to mine for the Monero cryptocurrency. But according to researchers with Palo Alto Network’s Unit 42, with Black-T, the group has added in additional capabilities to its tactics, techniques and procedures (TTPs). These include the addition of sophisticated network scanners; the targeting of competitor XMR mining tools on the network; and the use of password scrapers.
What TeamTNT plans to do with the saved passwords and additional capabilities is still unclear, but the development signals that the group doesn’t plan to slow down anytime soon.
In August, TeamTNT was identified by researchers as the first cryptojacking group to specifically target AWS. With increasingly sophisticated TTPs, the cybercriminal gang appears to be gaining steady momentum. Just last month, TeamTNT was discovered to have been leveraging a common open-source cloud monitoring tool called Weave Scope, to infiltrate the cloud and execute commands without breaching the server.
Read more: https://threatpost.com/blackt-cryptojack...nt/159853/
![[-]](https://www.geeks.fyi/images/collapse.png)
