We found that most of the exposed Docker remote API IPs are running a cryptocurrency miner for a currency called Monero. Monero transactions are ...
source https://www.google.com/url?rct=j&sa=t&url=https://securityboulevard.com/2019/03/hundreds-of-vulnerable-docker-hosts-exploited-by-cryptocurrency-miners/&ct=ga&cd=CAIyGmM2Nzk3ODA2ZWViNjVjODI6Y29tOmVuOlVT&usg=AFQjCNF4P6HVjeR-pZ8cBTrrw-9m9o9L-A
