Hackers are turning Amazon S3 bucket encryption against customers in new ransomware campaign - and they've already claimed two victims

Hackers are turning Amazon S3 bucket encryption against customers in new ransomware campaign - and they've already claimed two victims

Briefly

The rise of ransomware attacks exploiting AWS encryption capabilities poses a serious security threat, enabling hackers to lock down victim data with no recovery option.

ITProhttps://www.itpro.com/security/cyber-attacks/hackers-are-turning-amazon-s3-bucket-encryption-against-customers-in-new-ransomware-campaign-and-theyve-already-claimed-two-victims

The attackers have cleverly utilized AWS server-side encryption to gain control over victims' data. This method necessitates no vulnerabilities in AWS, just stolen credentials.

ITProhttps://www.itpro.com/security/cyber-attacks/hackers-are-turning-amazon-s3-bucket-encryption-against-customers-in-new-ransomware-campaign-and-theyve-already-claimed-two-victims

AWS's lack of ability to retrieve encrypted data in these cases is alarming, as the encryption keys are stored only by the attackers, leaving victims at their mercy.

ITProhttps://www.itpro.com/security/cyber-attacks/hackers-are-turning-amazon-s3-bucket-encryption-against-customers-in-new-ransomware-campaign-and-theyve-already-claimed-two-victims

Halcyon's report emphasizes that this is a disturbing evolution in ransomware tactics, marking the first recorded incident of such malicious use of AWS encryption.

ITProhttps://www.itpro.com/security/cyber-attacks/hackers-are-turning-amazon-s3-bucket-encryption-against-customers-in-new-ransomware-campaign-and-theyve-already-claimed-two-victims