Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building large scale botnets. […]
Click here for original story, Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware
Source: Bleeping Computer