Security researchers have encountered a new cryptojacking campaign that uses a new piece of malware called Migo that targets Redis servers on Linux hosts. The campaign came to light after Cado Security researchers noticed new commands exploiting Redis systems in the wild. Initial access According to Cado security, Migo is distributed as a Golang ELF […]
Researchers have identified an ongoing cryptojacking campaign, EleKtra-Leak, that targets exposed Identity and Access Management (IAM) credentials on GitHub repositories. The campaign has been active since December 2020, with as many as 474 unique Amazon EC2 instances found being used to mine Monero cryptocurrency between August 30 and October 6. Moreover, threat actors use these […]
A new cryptojacking operation has been found targeting lesser-known AWS offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to secretly mine cryptocurrency. Named AMBERSQUID, the campaign manages to exploit these cloud services without triggering AWS’s usual resource approval process. The services are referred to as uncommon since they are overlooked from a security […]
Sep 18, 2023THNCloud Security / Cryptocurrecy A novel cloud-native cryptojacking operation has set its eyes on uncommon Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to illicitly mine cryptocurrency. The malicious cyber activity has been codenamed AMBERSQUID by cloud and container security firm Sysdig. “The AMBERSQUID operation was able […]