When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Cybercriminals have started abusing legitimate AWS S3 features to encrypt victim buckets in a unique twist to the oldransomwareattack.
Researchers from Halycon recently observed multiple victims, all AWS native software developers, being attacked this way.
Marking files for deletion
But thats not where creativity ends with Codefinger.
The group does not threaten to release the files to the public, or delete it.
“Data destruction represents an additional risk to targeted organizations.”
The spokesperson also stressed AWS encourages all customers to follow security, identity, and compliance best practices.
Developer workstations use Identity Center to obtain short-term credentials backed by their longer-term user identities protected by MFA tokens.
Even secure access to non-AWS technologies can be protected using the AWS Secrets Manager service.
