Security News > 2023 > October > EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub
2023-10-30 10:56
A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service (AWS) identity and access management (IAM) credentials within public GitHub repositories to facilitate cryptojacking activities. "As a result of this, the threat actor associated with the campaign was able to create multiple AWS Elastic Compute (EC2) instances that they used for wide-ranging and
News URL
https://thehackernews.com/2023/10/elektra-leak-cryptojacking-attacks.html
Related news
- GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs (source)
- Clone2Leak attacks exploit Git flaws to steal credentials (source)
- New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Hackers leak configs and VPN credentials for 15,000 FortiGate devices (source)
- What's Yours is Mine: Is Your Business Ready for Cryptojacking Attacks? (source)
- New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits (source)
- New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks (source)
- Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft (source)
- Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant' (source)