skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Ransomware Campaign Targets Amazon S3 Buckets for Extortion

/ 1 min read

🔐✨ New ransomware campaign exploits AWS encryption to hold data hostage. A threat actor known as “Codefinger” has launched a ransomware campaign that encrypts Amazon S3 buckets using AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C), demanding ransoms for decryption keys. Discovered by Halcyon, the campaign has already affected at least two victims, with potential for escalation. The attackers utilize compromised AWS credentials to access and encrypt data, making recovery impossible without their cooperation. Victims are threatened with data deletion if they attempt to alter account permissions. Amazon has been notified and advises customers to implement strict security measures, including disabling unused keys and minimizing account permissions to mitigate risks.

Source
{entry.data.source.title}
Original