TeamTNT Using NVIDIA Drivers to Mine Cryptocurrency

Kubernetes deployments have been targeted by attackers as a means to compromise the cloud environment to control workloads and harness the power of the cloud to conduct unauthorized tasks. Earlier research has highlighted how the TeamTNT threat group conducts attacks against large-scale Kubernetes deployments.

ALSO READ:

• Vulnerabilities

AMD Patches CPU Vulnerability

By infosecbulletin / Wednesday , February 5 2025

AMD announced patches on Monday for a microprocessor vulnerability that risks the loss of Secure Encrypted Virtualization (SEV) protection, potentially...

Read More

• Alert
• Cyber Attack
• Vulnerabilities

Hackers To Use HTTP Client Tools To Compromise Microsoft 365 Accounts

By infosecbulletin / Wednesday , February 5 2025

Hackers are using HTTP client tools for advanced account takeover attacks on Microsoft 365. Seventy-eight percent of Microsoft 365 tenants...

Read More

• Alert
• Vulnerabilities

Google patches 47 Android flaws, Including Actively Exploited CVE-2024-53104

By infosecbulletin / Wednesday , February 5 2025

Google has released patches for 47 security flaws in Android, including one that is actively being exploited. CVE-2024-53104 (CVSS score: 7.8)...

Read More

• Alert
• Vulnerabilities

CVE-2025-21415
Microsoft Patches Critical Azure AI Face Service Vulnerability

By infosecbulletin / Tuesday , February 4 2025

Microsoft has released patches for two critical security flaws in Azure AI Face Service and Microsoft Account that could allow...

Read More

• Daily Security Update

Daily Security Update Dated:4.02.2025

By infosecbulletin / Tuesday , February 4 2025

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...

Read More

• Vulnerabilities

768 Exploited CVEs in 2024, a 20% Increase from 639 in 2023

By infosecbulletin / Tuesday , February 4 2025

In 2024, 768 vulnerabilities with CVE identifiers were reported as exploited in the wild, a 20% increase from 639 in...

Read More

• Cyber Attack
• Vulnerabilities

.Gov Domains Weaponized in Phishing Surge

By infosecbulletin / Monday , February 3 2025

A recent report from Cofense Intelligence highlights a concerning trend: threat actors are increasingly misusing .gov top-level domains (TLDs) to...

Read More

• Event

RedSentry presents
Hacked 101 Seminar Successfully Ended at UITS

By infosecbulletin / Sunday , February 2 2025

The cybersecurity seminar "RedSentry presents: Hacked 101," organized by RedSentry with the University of Information Technology and Sciences (UITS) as...

Read More

• Uncategorized

US scientists claim to replicate DeepSeek for $30 dubbed “TinyZero,”

By infosecbulletin / Sunday , February 2 2025

Researchers at the University of California, Berkeley, claims they’ve managed to reproduce the core technology behind DeepSeek’s at a total...

Read More

• Hot Topic

ChatGPT, DeepSeek, Qwen 2.5-VL Vulnerable to AI Jailbreaks

By infosecbulletin / Sunday , February 2 2025

This week, multiple research teams showcased jailbreaks for popular AI models, including OpenAI's ChatGPT, DeepSeek, and Alibaba's Qwen. After its...

Read More

2023 Threat Report: Social Engineering and Web Attacks waves

TeamTNT is known for attacking insecure and vulnerable Kubernetes deployments in order to further enumerate the cloud infrastructure.to infiltrate into organizations’ dedicated environments and transform them into attack launchpads. In this article we present a new module introduced by TeamTNT to utilize NVIDIA’s GPU capabilities by installing associated drivers on compromised pods running in cluster nodes to conduct advanced mining operations. For clarity, no security vulnerability in NVIDIA’s driver is exploited by TeamTNT.

Click here to read full report

Aditya K Sood
Advanced Threat Research Center of Excellence, Office of the CTO, F5

Source: virusbulletin