Amazon's GuardDuty team has uncovered a significant crypto mining campaign that has been exploiting AWS services since November. According to the официальной информации, это открытие подчеркивает продолжающиеся проблемы безопасности, с которыми сталкиваются облачные сервисы в быстро меняющемся ландшафте киберугроз.
Attackers Compromise IAM Credentials
The campaign involved attackers compromising credentials for Identity and Access Management (IAM) accounts, allowing them to deploy a malicious Docker Hub image. This image was used to initiate unauthorized crypto mining operations, leveraging AWS resources without the knowledge of the affected customers.
AWS Responds to the Threat
In response to this threat, AWS has taken proactive measures by removing the malicious image and notifying impacted users. However, the company has issued a warning that similar exploits may arise under different names, emphasizing the need for continuous vigilance and robust security practices among cloud service users.
In a notable shift, Amazon has withdrawn from negotiations to become the first tenant at Fermi Inc's AI data center, a decision that contrasts with the ongoing security challenges highlighted by Amazon's recent crypto mining discovery. For more details, see read more.
