TeamTNT Using NVIDIA Drivers to Mine Cryptocurrency

Kubernetes deployments have been targeted by attackers as a means to compromise the cloud environment to control workloads and harness the power of the cloud to conduct unauthorized tasks. Earlier research has highlighted how the TeamTNT threat group conducts attacks against large-scale Kubernetes deployments.

ALSO READ:

• International

First couple “Rosie” to conceive using AI tech “STAR” successfully

By infosecbulletin / Sunday , June 29 2025

Doctors at Columbia University Fertility Center have reported what they are calling the first pregnancy using a new AI system,...

Read More

• Alert
• Cyber Attack

Scattered Spider Actively Attacking Aviation and Transportation: FBI

By infosecbulletin / Saturday , June 28 2025

Cybersecurity experts and federal authorities are warning that the Scattered Spider hackers are now targeting aviation and transportation, indicating a...

Read More

• Alert
• Hot Topic
• International

Russia’s restrictions on Cloudflare making websites inaccessible

By F2 / Saturday , June 28 2025

Since June 9, 2025, Russian users connecting to Cloudflare services have faced throttling by ISPs. As the throttling is being...

Read More

• Cyber Attack
• Data Breach

61 million Verizon records allegedly posted online for sale

By infosecbulletin / Saturday , June 28 2025

A new report from SafetyDetectives reveals that hackers posted a massive 3.1GB dataset online, containing about 61 million records reportedly...

Read More

• Hot Topic

Cyber Expert ‘Rene Joshilda’ Arrested for Bomb Hoaxes

By infosecbulletin / Friday , June 27 2025

A 30-year-old robotics engineer from Chennai set off alarm bells in 11 states by allegedly sending hoax bomb threats. She...

Read More

• Alert
• Vulnerabilities

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow to Gain Root Access

By infosecbulletin / Friday , June 27 2025

Cisco has issued updates to fix two critical security vulnerabilities in Identity Services Engine (ISE) and ISE Passive Identity Connector...

Read More

• Alert
• Vulnerabilities

CISA Warns of FortiOS Hard-Coded Credentials Vulns

By F2 / Thursday , June 26 2025

CISA warns about a serious vulnerability in Fortinet FortiOS that threatens network security. CISA included CVE-2019-6693 in its Known Exploited...

Read More

• Alert
• Vulnerabilities

5 vendors’ printer totaling 748 models affected: Rapid7

By F2 / Thursday , June 26 2025

Rapid7 has revealed serious vulnerabilities in multifunction printers (MFPs) from Brother, FUJIFILM, Ricoh, and Toshiba Tec Corporation. These findings, covering...

Read More

• Alert
• Vulnerabilities

Citrix Released Emergency Patches for Actively Exploited CVE-2025-6543

By infosecbulletin / Wednesday , June 25 2025

Citrix has issued security updates for a critical vulnerability in NetScaler ADC that has been actively exploited. The vulnerability CVE-2025-6543...

Read More

• Alert
• Vulnerabilities

SonicWall warns of a trojanized NetExtender stealing VPN logins

By F2 / Wednesday , June 25 2025

SonicWall warned on Monday that unknown attackers have trojanized its SSL-VPN NetExtender application, tricking users into downloading it from fake...

Read More

2023 Threat Report: Social Engineering and Web Attacks waves

TeamTNT is known for attacking insecure and vulnerable Kubernetes deployments in order to further enumerate the cloud infrastructure.to infiltrate into organizations’ dedicated environments and transform them into attack launchpads. In this article we present a new module introduced by TeamTNT to utilize NVIDIA’s GPU capabilities by installing associated drivers on compromised pods running in cluster nodes to conduct advanced mining operations. For clarity, no security vulnerability in NVIDIA’s driver is exploited by TeamTNT.

Click here to read full report

Aditya K Sood
Advanced Threat Research Center of Excellence, Office of the CTO, F5

Source: virusbulletin