Unsecured AWS Buckets Spreading CryptoCurrency Malware
Attack Type: CryptoCurrency Mining
Delivery: Malicious script hosted on LA Times’ AWS S3 Bucket
Just in the past six months, documents have been exfiltrated from unprotected S3 buckets belonging to Verizon, the NSA, the U.S. military, French marketing company Octoly, and analytics firm Alteryx, which included data from credit reporting bureau Experian and the U.S. Census Bureau. Most recent incidents include Tesla, which left a Kubernetes console unprotected that had AWS access credentials, and Fedex, which openly exposed an archive of more than 119,000 scanned documents–including passports and drivers licenses–plus customer records including postal addresses.
Learn more about threats on Cisco Umbrella’s Threat Spotlight.
This guest blog is part of a Channel Futures sponsorship.