TeamTNT Using NVIDIA Drivers to Mine Cryptocurrency

Kubernetes deployments have been targeted by attackers as a means to compromise the cloud environment to control workloads and harness the power of the cloud to conduct unauthorized tasks. Earlier research has highlighted how the TeamTNT threat group conducts attacks against large-scale Kubernetes deployments.

ALSO READ:

• Cyber Attack
• Ransomware

Ransomware Attacks Set Records in February: New Data Shows

By infosecbulletin / Sunday , March 9 2025

Ransomware attacks reached a record high in February, surpassing previous months, according to a Cyble report. The Cyble report tracked...

Read More

• Cyber Attack
• Data Breach

Cyber attack at Japanese telecom leader NTT hits 18,000 companies

By infosecbulletin / Saturday , March 8 2025

NTT Communications Corporation discovered illegal access to its facilities on February 5 and confirmed on February 6 that some information...

Read More

• Cyber Attack

Cyber heist: Pune losses Rs 6007 crore in cyber scam

By infosecbulletin / Friday , March 7 2025

India's Maharashtra Deputy Chief Minister Devendra Fadnavis disclosed alarming cyber fraud figures for Pune in 2024 during the Assembly session....

Read More

• Cyber Attack
• Data Breach

Nearly 1 million airport lost and found records leaked

By infosecbulletin / Friday , March 7 2025

Cybersecurity researcher Jeremiah Fowler found that over a dozen unprotected databases from the German firm Lost and Found Software exposed...

Read More

• Alert
• Cyber Attack

Exploiting CVE-2024-4577, Attackers Target Japan with Cobalt Strike

By infosecbulletin / Friday , March 7 2025

Cisco Talos found that an unknown attacker has been targeting organizations in Japan since January 2025. The attacker exploited the...

Read More

• International

Sleeping Beauty
Researchers Bypassed CrowdStrike Falcon Sensor partially

By infosecbulletin / Friday , March 7 2025

SEC Consult researchers found a vulnerability in CrowdStrike's Falcon Sensor, enabling attackers to evade detection and run malicious applications. The...

Read More

• Alert
• Vulnerabilities

CVE-2025-22224
41,500+ VMware ESXi Instances Vulnerable to Attacks

By infosecbulletin / Thursday , March 6 2025

As of March 4, 2025, Shadowserver found that over 41,500 internet-exposed VMware ESXi hypervisors are vulnerable to the actively exploited...

Read More

• Uncategorized

Register Now
AI Engineering Hackathon: Registration Open

By infosecbulletin / Wednesday , March 5 2025

On April 19, 2025 (Saturday), Brain Station 23 and Poridhi are jointly going to organize "AI ENGINEERING HACKATHON". The prize...

Read More

• Uncategorized

Cisco alerts about a Webex flaw that exposes credentials

By infosecbulletin / Wednesday , March 5 2025

Cisco has alerted customers about a vulnerability in Webex for BroadWorks that could allow unauthorized attackers to access credentials remotely....

Read More

• Uncategorized

NVIDIA Issues Warning of Multiple Vulnerabilities

By infosecbulletin / Wednesday , March 5 2025

NVIDIA has released urgent security advisories for multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance Computing platforms. A critical flaw...

Read More

2023 Threat Report: Social Engineering and Web Attacks waves

TeamTNT is known for attacking insecure and vulnerable Kubernetes deployments in order to further enumerate the cloud infrastructure.to infiltrate into organizations’ dedicated environments and transform them into attack launchpads. In this article we present a new module introduced by TeamTNT to utilize NVIDIA’s GPU capabilities by installing associated drivers on compromised pods running in cluster nodes to conduct advanced mining operations. For clarity, no security vulnerability in NVIDIA’s driver is exploited by TeamTNT.

Click here to read full report

Aditya K Sood
Advanced Threat Research Center of Excellence, Office of the CTO, F5

Source: virusbulletin