Security News > 2023 > October > EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub

2023-10-30 10:56
A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service (AWS) identity and access management (IAM) credentials within public GitHub repositories to facilitate cryptojacking activities. "As a result of this, the threat actor associated with the campaign was able to create multiple AWS Elastic Compute (EC2) instances that they used for wide-ranging and
News URL
https://thehackernews.com/2023/10/elektra-leak-cryptojacking-attacks.html
Related news
- Recent GitHub supply chain attack traced to leaked SpotBugs token (source)
- SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack (source)
- Australian pension funds hit by wave of credential stuffing attacks (source)
- PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks (source)
- That massive GitHub supply chain attack? It all started with a stolen SpotBugs token (source)
- Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
- Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials (source)
- Interlock ransomware claims DaVita attack, leaks stolen data (source)