New Malware Campaign Targets Misconfigured Docker API Instances for Cryptocurrency Mining

A new malware campaign is targeting misconfigured Docker API instances to transform them into a cryptocurrency mining botnet. The attacks aim to mine the Dero cryptocurrency and are notable for their worm-like capabilities to spread to other exposed Docker instances, thereby increasing the number of mining bots. Kaspersky has observed this unidentified threat.