Having covered TeamTNT in several of our blog entries over the past couple of years, we embarked on a research that encompasses the malicious actor group’s campaigns, tools, and techniques in 2020 and early 2021.
Although believed to have been active since 2011, TeamTNT stayed under the radar for many years before exploding onto the scene in 2020. In the past year, the group launched a few preliminary campaigns, including such notable ones as a series of cryptocurrency mining and distributed denial-of-service (DDoS) attacks on Docker Daemon parts, and a campaign where it deployed a DDoS-capable IRC (Internet Relay Chat) bot.
Read more…
Source: Trend Micro