Cryptojacking is still a problem for Docker users. Docker Engine APIs are utilized to deploy Containers that download and execute a malicious coin miner. The Container will also download a port scanning software used for scanning for other vulnerable Docker Engine instances.

Containers usually enable organizations to deploy their applications to the cloud, something that is often valuable for those adopting DevOps. However in this case, a misconfiguration by the user in Docker Engine opens up the APIs to an attacker.

Read the full article on bleepingcomputer.com

Read the Trend Micro analysis