The Register
UK · 52 mins ago
CAI cloud worm gives competitors' malware the boot, then steals secrets and mines for coin
REG AD security Dog-eat-dog world for credential-stealing attackers EXCLUSIVE There's no honor among thieves as a new worm steals from other infectious software. It pilfers “multiple” victims’ credentials and mines for cryptocurrency while killing competitors’ processes, including similar secret-harvesting malware.It’s called Cloud AI Infrastructure Attack Framework (CAI), and it’s a centralized botnet that targets cloud-native developer tools like Docker, Kubernetes, Redis, etcd, Kubelet, and Ray for credential theft and cryptomining. The scripts “are heavily inspired” by the likes of other similar credential-stealing worms that have wreaked havoc across cloud environments and supply chains this year, “using code comments like ‘PCPJack-aligned,’” according to security researcher Michael R
Do you trust The Register?
Sign in to rate
Discussion 0 comments
Sort:
?
No comments yet — be the first to start the discussion!