TeamTNT
TeamTNT is a threat group that has primarily targeted cloud and containerized environments. The group as been active since at least October 2019 and has mainly focused its efforts on leveraging cloud and container resources to deploy cryptocurrency miners in victim environments.
Attribution signal
?Score = mentions × confidence weight, summed across all attributed sources. Higher source diversity increases the score.≥ 10 High≥ 3 Moderate< 3 Low0.3
Low signal strength
Mentions1
Sources1
High conf.0
Last seenMay 2026
First observed
2021-10-01
Last active
—
Origin
Unknown — financially motivated cybercriminal group
Aliases
1
Techniques
0
Campaigns
0
Attribution signals
1 mention · 1 source#1low
TTP match
wiz-research
May 2026