Legion Malware Upgraded to Target SSH Servers and AWS Credentials

The generic malware known as Legion has been updated with new capabilities to compromise SSH servers and the Amazon Web Services (AWS) login credentials for DynamoDB and CloudWatch. “This recent update demonstrates a widening of scope, with new capabilities such as the ability to compromise SSH servers and retrieve additional AWS-specific credentials from Laravel web applications,” Cado Labs researcher Matt Muir said in a report posted with The Hacker News.

With each version, the developer’s targeting of cloud services is evidently becoming better. The cloud security company published the first report on the Python-based hacking tool Legion last month, showing its capacity to infiltrate weak SMTP servers and steal credentials.

Legion Malware Upgraded to Target SSH Servers and AWS Credentials

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Legion Malware Upgraded to Target SSH Servers and AWS Credentials

24-May-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address