New Amazon Ransomware Attack—‘Recovery Impossible’ Without Payment
Threat researchers have identified a new “recovery impossible” ransomware campaign targeting Amazon Web Services. Here’s what ...
SecurityWeek14d
Compromised AWS Keys Abused in Codefinger Ransomware Attacks
A ransomware group tracked as Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C. A threat actor has been observed abusing compromised AWS keys to encrypt data in S3 ...
Codefinger ransomware encrypts Amazon S3 buckets
The Codefinger ransomware encrypts data in Amazon S3 buckets. There are many AWS access points circulating on the darknet ...
Htxt.Africa12d
How Codefinger is accessing AWS accounts
Codefinger is a new ransomware campaign that encrypts AWS S3 buckets. The attack uses AWS features to lock data and demand a ...
AWS S3 feature exploited by ransomware hackers to encrypt storage buckets
Attackers access storage buckets with exposed AWS keys The files are then encrypted and scheduled for deletion after a week ...
Hosted on MSN15d
Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days
A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer provided keys (SSE-C) to lock up victims' data before demanding a ...
The Hacker News13d
Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws
Python backdoor delivers RansomHub ransomware after SocGholish exploits outdated WordPress SEO plugins. Impact: lateral ...
Bleeping Computer15d
Ransomware abuses Amazon AWS feature to encrypt S3 buckets
The campaign was discovered by Halcyon, who reported that a threat actor named "Codefinger" had encrypted at least two victims. However, the operation could escalate or the tactic could be adopted ...