Python Malware Poses DDoS Threat Via Docker API Misconfiguration

Security researchers have discovered a new cyber-threat exploiting misconfigurations of the Docker Engine API to deploy a malicious Python malware, functioning as a DDoS (Distributed Denial of Service) bot agent. The attackers initially access the Docker API and retrieve a malicious Docker container using an HTTP POST request, later utilising the bot for conducting DoS attacks. Use of Docker Engine API for such attacks has significantly increased due to frequent inadvertent exposure, increasing potential vulnerabilities. Docker users are urged to remain vigilant and proactive in mitigating risks.