Port 22

Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor

A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research.

“To our knowledge, this is the first time attackers have been caught using legitimate third party software to target cloud infrastructure,” Israeli cybersecurity firm Intezer said