AWS systems targeted by crypto mining scam using hijacked IAM credentials

Cybercriminals are targeting Amazon Web Services (AWS) customers using Amazon EC2 and Amazon ECS with cryptojackers, expert have warned. The cloud giant warned about the ongoing campaign in a recent ...
Dark Reading

Attackers Use Stolen AWS Credentials in Cryptomining Campaign

Attackers have been using compromised AWS Identity and Access Management (IAM) credentials to target cloud services in a sprawling cryptomining campaign that can deploy unauthorized miners 10 minutes ...
The Register on MSN

Crypto crooks co-opt stolen AWS creds to mine coins

Within 10 minutes of gaining initial access, crypto miners were operational' Your AWS account could be quietly running ...
Dark Reading

'TruffleNet' Attack Wields Stolen Credentials Against AWS

Attackers are abusing Amazon Web Services' (AWS) Simple Email Service (SES) via legitimate open source tools to steal credentials and infiltrate organizations to execute network reconnaissance. In ...
CSOonline

Credential harvesting tool Legion targets additional cloud services

Threat actors now use Legion to steal AWS-specific credentials from web servers to enable email and SMS spam campaigns. A commercial malware tool called Legion that hackers deploy on compromised web ...
Bleeping Computer

SCARLETEEL hackers use advanced cloud skills to steal source code, data

An advanced hacking operation dubbed 'SCARLETEEL' targets public-facing web apps running in containers to infiltrate cloud services and steal sensitive data. SCARLETEEL was discovered by cybersecurity ...