A cybercrime group known as TeamTNT is using a crypto-mining worm to steal plaintext AWS credentials and config files from compromised Docker and Kubernetes systems. […]

from https://www.bleepingcomputer.com/news/security/cryptojacking-worm-steals-aws-credentials-from-docker-systems/