A sophisticated cloud-credential stealing and cryptomining campaign targeting Amazon Web Services (AWS) environments for the past several months has now expanded to Azure and Google Cloud Platform (GCP) as well. And, the tools used in the campaign share considerable overlap with those associated with TeamTNT, a notorious, financially motivated threat actor, researchers have determined.

Source: Dark Reading: Cloud