Cybersecurity researchers have exposed a new malware campaign targeting Docker environments that employs a previously unknown method to mine cryptocurrency. The campaign uses a malicious Docker image that connects to Teneo, a decentralized service that allows users to monetize public social media data. Unlike traditional cryptojacking that directly runs miners, this malware manipulates WebSocket connections to earn rewards through system activity without performing actual data scraping. This tactic marks a notable shift in how cybercriminals exploit resources, reminiscent of other malicious schemes such as proxyjacking.
The malware script simply connects to the WebSocket and sends keep-alive pings in order to gain more points from Teneo and does not do any actual scraping.
This involves deploying a malware strain that connects to a nascent Web3 service called Teneo, allowing users to monetize public social media data.
Collection
[
|
...
]