Basic and ‘inept’ worm managed to compromise Docker hosts by exploiting misconfigurations. Some 2,000 Docker hosts have been attacked and infected by a relatively basic worm that exploits misconfigured permissions to download and run cryptojacking software as malicious containers.
Source: Dark Reading