Threat Intelligence, 2022
TeamTNT Reemerged with New Aggressive Cloud Campaign
By Assaf Morag
The TeamTNT threat group has reemerged with a new aggressive campaign targeting cloud environments, demonstrating evolved attack techniques. TeamTNT is known for targeting cloud-native infrastructure, particularly Docker and Kubernetes environments.
This latest campaign shows that TeamTNT continues to evolve its tactics, incorporating new techniques and tools to bypass security controls and maximize its cryptomining operations.
Campaign Characteristics
- Targeting cloud-native infrastructure
- Advanced evasion techniques
- Multi-stage attack chains
- Enhanced persistence mechanisms