Nicole Fishbein, Author at Intezer

Rocke Group Actively Targeting the Cloud: Wants Your SSH Keys

New Malware Variant Exploits Production Environment Rocke Group is a Chinese-based threat actor most known for running cryptojacking malware on Linux machines. The...

A Rare Look Inside a Cryptojacking Campaign and its Profit

Intro Linux threats are becoming more frequent. A common type of Linux threat is cryptojacking, which is the unauthorized use of an...

A Storm is Brewing: IPStorm Now Has Linux Malware

Introduction The development of cross-platform malware is not new, however, we continue to observe a number of malware that were previously documented only...

Attackers Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks

Introduction TeamTNT is a cybercrime group that targets cloud environments including Docker and Kubernetes instances. The group has been previously documented using...

Watch Your Containers: Doki Infecting Docker Servers in the Cloud

Key Findings Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms. It has...

Used by

Used for

Capabilities

Security for

Rocke Group Actively Targeting the Cloud: Wants Your SSH Keys

A Rare Look Inside a Cryptojacking Campaign and its Profit

A Storm is Brewing: IPStorm Now Has Linux Malware

Attackers Abusing Legitimate Cloud Monitoring Tools to Conduct Cyber Attacks

Watch Your Containers: Doki Infecting Docker Servers in the Cloud