
Hildegard Malware

Posted: February 4, 2021

A few months ago, cybercriminals focused on compromising the security of servers running the Docker software suite. It seems that the criminals behind some of these attacks have now turned their attention towards another software suite that serves a similar purpose: Kubernetes. The criminals from the TeamTNT group have been deploying a new piece of malware, dubbed Hildegard, that is meant to be used against Kubernetes servers worldwide.

The new Hildegard Malware was first detected in January 2021, and it is meant to execute cryptojacking attacks on compromised devices. Cybersecurity researchers who are following the situation closely mention that the Hildegard Malware appears to be far from fully finished, and they suspect that the criminals might be testing the waters, so to speak. It is likely that the Hildegard Malware's features will be expanded in future updates and that the implant will be able to do much more than just run cryptocurrency miners.

So far, the Hildegard Malware's cryptojacking campaign has netted a profit of over 11 XMR (Monero) for the criminals. This amount is worth approximately $1,500. Researchers suspect that the initial infection vector that the criminals rely on is insecure login credentials. Once they manage to penetrate one Kubernetes instance, they are able to run automated scripts to try to discover other vulnerable servers on the same network.

The Hildegard Malware runs on Linux systems exclusively, and users can protect themselves from it by employing appropriate firewall and anti-virus services, as well as strengthening the login credentials and security measures of active Kubernetes instances.
