The 8220 Cryptomining Gang massively expands Cloud Botnets
The 8220 Cryptomining Gang massively expands Cloud Botnets
Threat Level
Actor Report
For a detailed advisory, download the pdf file here
Summary
The 8220 gang has significantly expanded their cloud bot armies around the world, targeting AWS, Azure, GCP, Alitun, and QCloud cloud service hosts. The group is being detected using a new version of the IRC botnet, the PwnRig cryptocurrency miner, and its standard infection script