TeamTNT Targets Linux Instances on AWS, Alibaba Cloud for Credential Theft and Cryptomining
TeamTNT is actively modifying its scripts after they were made public by security researchers. These scripts primarily target Amazon Web Services, but can also run in on-premise, container, or other forms of Linux instances.