TeamTNT Steals to Azure and Google Cloud Credentials

Researchers have uncovered a new cloud credential stealing campaign that specifically targets Azure and Google Cloud Platform (GCP) services. They discovered up to eight new versions of the credential harvesting script, indicating an actively evolving campaign. Notably, this campaign exhibits resemblances to the tactics used by the TeamTNT cryptojacking group.