Threat Actor ‘Codefinger’ Targets Cloud Environments. A ransomware group is targeting Amazon S3 buckets, exploiting the data stored there using AWS’s server-side encryption with customer keys and demanding a ransom in exchange for the encryption key needed to unlock the data. The group uses compromised or publicly exposed AWS account credentials.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/ransomware-campaign-targets-amazon-s3-buckets-a-27294