New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services


In order to covertly mine cryptocurrency, a revolutionary cloud-native cryptojacking operation has its sights set on specialized Amazon Web Services (AWS) products like AWS Amplify, AWS Fargate, and Amazon SageMaker. The cloud and container security company Sysdig has given the hostile cyber behavior the codename AMBERSQUID.

“The AMBERSQUID operation was able to exploit cloud services without triggering the AWS requirement for approval of more resources, as would be the case if they only spammed EC2 instances,” Sysdig security researcher Alessandro Brucato wrote in a study posted with The Hacker News.x000D Targeting numerous services also presents additional difficulties, such as incident response, as it necessitates locating and eliminating all miners in each service that has been exploited.

Read More…