Python Malware Poses DDoS Threat Via Docker API Misconfiguration

13-Nov-23

A fresh cyber-threat that targets publicly accessible instances of the Docker Engine API has been discovered by security experts.



In this campaign, attackers take advantage of misconfigurations to launch malicious Docker containers containing Python malware packaged as an ELF executable. Acting as a Distributed Denial of Service (DDoS) bot agent, the malware demonstrates many attack techniques for carrying out DoS attacks.

The Docker Engine API, a previously targeted entry point, has grown in popularity for starting such attacks, which are frequently linked to the distribution of cryptojacking malware, according to a warning released by Cado Security Labs earlier today. The Docker Engine API is commonly exposed accidentally. This leads a number of unrelated campaigns to start scanning for such security holes.
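A defender-side check for the misconfiguration described above, as an added example that is not part of the original article: it reads the contents of a dockerd `daemon.json` and reports TCP listeners that accept API calls without client-certificate verification. The `hosts`, `tls` and `tlsverify` keys are real daemon options; the sample configurations, certificate paths and severity labels are constructed for this example.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Constructed sample daemon.json contents (certificate paths are placeholders).
EXPOSED = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'
TLS_ONLY = ('{"hosts": ["tcp://0.0.0.0:2376"], "tls": true,'
            ' "tlscert": "/etc/docker/server-cert.pem",'
            ' "tlskey": "/etc/docker/server-key.pem"}')
LOCAL_TCP = '{"hosts": ["tcp://127.0.0.1:2375"]}'
HARDENED = ('{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],'
            ' "tlsverify": true, "tlscacert": "/etc/docker/ca.pem",'
            ' "tlscert": "/etc/docker/server-cert.pem",'
            ' "tlskey": "/etc/docker/server-key.pem"}')


def is_loopback(host):
    """True only for localhost or a loopback IP literal."""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # empty or other hostnames: treat as network-reachable


def audit_daemon_config(text):
    """Return (severity, listener, reason) for each risky TCP listener."""
    cfg = json.loads(text)
    if cfg.get("tlsverify"):
        return []  # every TCP client must present a certificate signed by the CA
    findings = []
    for listener in cfg.get("hosts", []):
        url = urlsplit(listener)
        if url.scheme != "tcp":
            continue  # unix:// and fd:// are not network listeners
        if is_loopback(url.hostname or ""):
            findings.append(("low", listener, "unauthenticated API on loopback"))
        elif cfg.get("tls"):
            findings.append(("high", listener, "TLS without client verification"))
        else:
            findings.append(("high", listener, "plaintext unauthenticated API"))
    return findings


if __name__ == "__main__":
    for name in ("EXPOSED", "TLS_ONLY", "LOCAL_TCP", "HARDENED"):
        print(name, audit_daemon_config(globals()[name]))
```

The check covers `daemon.json` only; listeners passed to dockerd as `-H` flags on the command line or in a service unit need the same review.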

