TeamTNT Script Employed to Grab AWS Credentials - Cado Security

TeamTNT script has been employed to target a Confluence vulnerability that grabs AWS credentials including those from ECS. 

Previously Undiscovered TeamTNT Payload Recently Surfaced - Cado Security

Threat news: TeamTNT stealing credentials using EC2 Instance Metadata – Sysdig

Docker Archives - Security Affairs

Cloud Malware Proliferation? - Cado Security

Case Studies TeamTNT - AWS & Container Cryptomining Worm DFIR.pdf

TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger

Team TNT – The First Crypto-Mining Worm to Steal AWS Credentials - Cado Security

TeamTNT Targeting AWS, Alibaba

TeamTNT Continues Attack on the Cloud, Targets AWS Credentials