
New Malware Hijacks Docker Images Using Unique Obfuscation Technique

By Admin
April 23, 2025


A recently uncovered malware campaign targeting Docker, one of the most frequently attacked services according to Darktrace’s honeypot data, has revealed a startling level of sophistication in obfuscation and cryptojacking techniques.

This novel attack begins with a seemingly innocuous request to launch a container from Docker Hub, specifically the kazutod/tene:ten image.

Sophisticated Attack Targets Docker Hub with Advanced Payload Hiding

By leveraging Docker’s built-in tools to pull and extract the image layers, analysts discovered that the container executes a Python script named ten.py.

Use of CyberChef to decode the ten.py script.

What sets this campaign apart is the intricate obfuscation technique used to conceal the malicious payload within this script.

The script employs a multi-layered approach, using a lambda function to reverse a base64-encoded string, decode it, and decompress it via zlib before executing the result as Python code.

This process repeats over 63 iterations, a deliberate tactic that likely aims to thwart signature-based detection and frustrate reverse-engineering efforts by analysts.
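For analysts, the layering described above can be undone statically, without ever executing the sample. The following is an added example, not code from the report or from the malware: the wrapper shape in `WRAPPER`, the function names and the harmless inner payload are all constructed assumptions based only on the description (reverse, base64-decode, zlib-decompress, exec).

```python
import ast
import base64
import binascii
import zlib

# Assumed wrapper shape, constructed for this example from the description above.
WRAPPER = ("_ = lambda __ : __import__('zlib').decompress("
           "__import__('base64').b64decode(__[::-1]));exec((_)({blob!r}))")

def wrap(source: str, layers: int) -> str:
    """Build a constructed, harmless sample: `source` wrapped `layers` times."""
    for _ in range(layers):
        blob = base64.b64encode(zlib.compress(source.encode()))[::-1]
        source = WRAPPER.format(blob=blob)
    return source

def largest_literal(source: str):
    """Return the longest bytes/str constant in the source, parsed but never run."""
    try:
        tree = ast.parse(source)
    except SyntaxError:
        return None
    consts = [n.value for n in ast.walk(tree)
              if isinstance(n, ast.Constant) and isinstance(n.value, (bytes, str))]
    if not consts:
        return None
    best = max(consts, key=len)
    return best.encode() if isinstance(best, str) else best

def peel(source: str, max_layers: int = 200):
    """Undo reverse -> base64 -> zlib repeatedly until a layer no longer decodes."""
    layers = 0
    while layers < max_layers:
        blob = largest_literal(source)
        if blob is None:
            break
        try:
            decoded = zlib.decompress(base64.b64decode(blob[::-1], validate=True))
            source = decoded.decode("utf-8")
        except (binascii.Error, zlib.error, UnicodeDecodeError):
            break  # innermost layer reached: the literal is ordinary data
        layers += 1
    return source, layers

if __name__ == "__main__":
    sample = wrap("print('inner payload placeholder')", 63)  # constructed sample
    final, count = peel(sample)
    print(f"peeled {count} layers; innermost source: {final}")
```

The layer count returned by `peel` is itself a useful triage signal: legitimate scripts rarely contain even one reverse-base64-zlib stage feeding `exec`, let alone dozens.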

Cryptojacking Evolves with Decentralized Network Exploitation

Delving deeper into the de-obfuscated code, the malware’s intent becomes clear: it establishes a connection to teneo[.]pro, a legitimate Web3 startup focused on decentralized data networks.

Teneo incentivizes users to join its network with “Teneo Points,” a private crypto token, in exchange for running nodes that scrape social media data.

Extraction of the resulting tar file.

However, this malware exploits the system by connecting via a websocket and sending keep-alive pings without performing any scraping, illicitly accumulating points based on heartbeat counts.

This represents a shift from traditional cryptojacking tools like XMRig, which directly mine cryptocurrencies and are widely detected by security systems.

Instead, attackers are now hijacking legitimate decentralized platforms for profit, a trend also evident in the attacker’s Docker Hub profile, where similar containers execute clients for other distributed networks like Nexus.

The profitability of this strategy remains uncertain due to the opaque nature of private tokens and the lack of public pricing data, as seen with Teneo’s token listed as “preview only” on CoinGecko.

According to the report, this campaign underscores the persistent evolution of malware tactics, particularly in the realm of obfuscation and cryptojacking.

The excessive layering of encoded payloads, while seemingly unnecessary for bypassing detection, highlights the lengths to which threat actors will go to protect their code from scrutiny.

For system administrators, this serves as a critical reminder of Docker’s vulnerability as a prime target.

Exposing Docker services to the internet without robust authentication and firewall protections is a recipe for compromise, as attacks occur with alarming frequency. Even brief exposure can lead to significant breaches.

As attackers continue to innovate by abusing legitimate tools for illicit gain, the need for advanced detection mechanisms and proactive security measures has never been more urgent.

This case not only illustrates the importance of de-obfuscation skills for analysts but also signals a broader shift in the cyberthreat landscape, where traditional attack vectors are replaced by insidious, covert strategies.
