https://bit.ly/3SqoKU8 - 🔒 'Elektra-Leak' campaign targets public GitHub repositories, harvesting AWS cloud keys for crypto-mining. Attackers create Amazon EC2 instances, bypassing Amazon's quarantine controls. #CyberSecurity #ElektraLeak #CloudSecurity 🔎 Researchers from Palo Alto Networks report over 474 EC2 instances created for crypto-mining between Aug. 30 and Oct. 6. Full attacks launched within 5 minutes of IAM credential exposure. #CyberThreats #IAMSecurity 🚨 Despite Amazon's quick quarantine response, attackers persist, exploiting loopholes. Palo Alto's honey trap reveals real-time public GitHub repo scanning, and EC2 instance creation using exposed keys. #CloudProtection #AWSsecurity 👓 Investigation shows automated tools cloning public repos, scanning for AWS keys, and using VPNs for anonymity. Attackers deploy Monero cryptomining payloads, complicating tracking efforts. #CyberInvestigation #MoneroMining 🛡️ Amazon's efforts to quarantine exposed keys aren't foolproof, as attackers find unquarantined keys. Palo Alto suggests immediate revocation of exposed IAM credentials and generation of new ones. #AWSIAM #CloudDefense 🗣️ Experts urge fundamental security practices; advocate for authentication systems aiding developers in secure practices. Palo Alto recommends short-lived credentials in production environments.











