AWS S3 feature exploited by ransomware hackers to encrypt storage buckets
Attackers access storage buckets with exposed AWS keys The files are then encrypted and scheduled for deletion after a week Halycon says it observed at least two victims being attacked this way ...
Hosted on MSN15d
Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days
A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer provided keys (SSE-C) to lock up victims' data before demanding a ...
healthcareinfosecurity.com8d
Amazon Details Measures to Counter S3 Encryption Hacks
Amazon is urging its customers to deploy additional security measures to secure S3 buckets following reports of ransomware ...
Codefinger ransomware encrypts Amazon S3 buckets
The Codefinger ransomware encrypts data in Amazon S3 buckets. There are many AWS access points circulating on the darknet ...
Bleeping Computer15d
Ransomware abuses Amazon AWS feature to encrypt S3 buckets
A new ransomware campaign encrypts Amazon S3 buckets using AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the ...
CSOonline14d
Act fast to blunt a new ransomware attack on AWS S3 buckets
A threat actor is leveraging AWS’s own encryption against victim firms with no way out except paying for decryption keys, ...
SecurityWeek14d
Compromised AWS Keys Abused in Codefinger Ransomware Attacks
A ransomware group tracked as Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C. A threat actor has been observed abusing compromised AWS keys to encrypt data in S3 ...