TeamTNT
MISP
Tipo:
Unknown
Unknown
Paese:
Unknown
Unknown
Prima attivita:
Unknown
Unknown
Dettagli:
[TeamTNT](https://attack.mitre.org/groups/G0139) is a threat group that has primarily targeted cloud and containerized environments. The group as been active since at least October 2019 and has mainly focused its efforts on leveraging cloud and container resources to deploy cryptocurrency miners in victim environments.(Citation: Palo Alto Black-T October 2020)(Citation: Lacework TeamTNT May 2021)(Citation: Intezer TeamTNT September 2020)(Citation: Cado Security TeamTNT Worm August 2020)(Citation: Unit 42 Hildegard Malware)(Citation: Trend Micro TeamTNT)(Citation: ATT TeamTNT Chimaera September 2020)(Citation: Aqua TeamTNT August 2020)(Citation: Intezer TeamTNT Explosion September 2021)
MITRE ATT&CK:
View on MITRE
Tecniche Utilizzate (56)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1007 | System Service Discovery | - |
| T1014 | Rootkit | - |
| T1016 | System Network Configuration Discovery | - |
| T1021.004 | SSH | - |
| T1027.002 | Software Packing | - |
| T1027.013 | Encrypted/Encoded File | - |
| T1036 | Masquerading | - |
| T1036.005 | Match Legitimate Resource Name or Location | - |
| T1046 | Network Service Discovery | - |
| T1048 | Exfiltration Over Alternative Protocol | - |
| T1049 | System Network Connections Discovery | - |
| T1057 | Process Discovery | - |
| T1059.001 | PowerShell | - |
| T1059.003 | Windows Command Shell | - |
| T1059.004 | Unix Shell | - |
Riferimenti (10)
- unit42.paloaltonetworks.com - Hildegard Malware Teamtnt
- malpedia.caad.fkie.fraunhofer.de - Elf.teamtnt
- blog.aquasec.com - Teamtnt Campaign Against Docker Kubernetes Environment
- cybersecurity.att.com - Teamtnt Delivers Malware With New Detection Evasion Tool
- cadosecurity.com - Team Tnt The First Crypto Mining Worm To Steal Aws Credentials
- intezer.com - Top Linux Cloud Threats Of 2020
- trendmicro.com - Teamtnt Now Deploying Ddos Capable Irc Bot Tntbotinger
- cyware.com - Hildegard Teamtnts New Feature Rich Malware Targeting Kubernetes 6587eb45
- lacework.com - Teamtnt Builds Botnet From Chinese Cloud Servers
- unit42.paloaltonetworks.com - Adept Libra
Alias (103)
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Adept Libra
Malware Utilizzato (4)
Metadata
| ID: | 303 |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 04:00 |