New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
19 September 2024
The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system.
"The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim's assets, during which the threat actor uploaded a malicious script," Group-IB researchers Vito Alfano and Nam Le