TeamTNT Script Employed to Grab AWS Credentials - Cado Security

TeamTNT script has been employed to target a Confluence vulnerability that grabs AWS credentials including those from ECS. 

TeamTNT gang expands its arsenal to target thousands of orgs worldwide

Newest TeamTNT IRC Bot Steals AWS and Docker Credentials

Previously Undiscovered TeamTNT Payload Recently Surfaced - Cado Security

TeamTNT Script Employed to Grab AWS Credentials - Cado Security

TeamTNT Script Employed to Grab AWS Credentials - Cado Security

TeamTNT Continues Attack on the Cloud, Targets AWS Credentials

Forensicating Threats in the Cloud - eForensics

Agile Approach to mass cloud credential harvesting and crypto mining sprints ahead

TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger