A Rare Look Inside a Cryptojacking Campaign and its Profit
released on 2021-01-13 @ 05:02:31 PM
This post details an ongoing cryptojacking campaign targeting Linux machines, using exposed Docker API ports as an initial access vector to a victim’s machine. The attacker then installs a Golang binary, which is undetected in VirusTotal at the time of this writing.