Fake LockBit, Real Damage: Ransomware Samples Abuse Amazon S3 to Steal Data
November 5, 2024 at 02:48AM Golang ransomware abuses Amazon S3 Transfer Acceleration to exfiltrate victim files to attacker-controlled buckets, leveraging hard-coded AWS credentials. It disguises itself as LockBit ransomware to manipulate victims. AWS confirmed that this activity violates their policy, leading to account suspensions, highlighting the importance of monitoring cloud security. ### Key Takeaways from … Read more