Main Points:
– AMBERSQUID is a new cloud-native cryptojacking operation targeting uncommon AWS offerings like AWS Amplify, AWS Fargate, and Amazon SageMaker for illegal cryptocurrency mining.
– AMBERSQUID’s activity has been spotted and named by Sysdig, a security firm specializing in cloud and container security.
– Interestingly, AMBERSQUID managed to exploit these services without tripping AWS’s security measures.
Slip on your digital gloves folks, because it seems there’s a new player in town. Codenamed AMBERSQUID, this novel cloud-native cryptojacker has a taste for the rare. It’s been setting its sights on some prime cuts of Amazon Web Services (AWS) offerings, focusing on the elusive AWS Amplify, AWS Fargate, and—hold onto your processors—Amazon SageMaker, for some good, old-fashioned illicit cryptocurrency mining. Talk about casting a wide…cloud! (Sorry, couldn’t resist).
So, who sprung this digital varmint on us? Well, hats off to the cyber cowboys at Sysdig. If you’re not familiar with them, they’re a cloud and container security rodeo outfit who ride herd on these types of shenanigans. Kudos to them for spotting this cattle rustler in the vast open plain of the cloud. So in their honor, I propose a moment of silence…followed by a dad joke: Why don’t security folks trust the cloud? Because it has shady areas!
The real kicker though, and the part that would have us all tipping our virtual hats if we weren’t so rightfully annoyed, is that AMBERSQUID turned out to be quite the smooth operator. This maverick managed to exploit all these services without triggering the AWS security alarms. It’s like they danced right through AWS’s laser grid, without breaking a single beam…or dropping any popcorn on the floor (because according to all heist movies, that’s apparently a thing). Who knew cyber crime could be so…graceful?
The newly identified cloud-native cryptojacking operation, AMBERSQUID, is honing in on less common AWS offerings for illegal cryptocurrency mining, without tripping security measures. The sneaky miner was discovered by cloud and container security firm Sysdig, who’ve helped shed some light on this shady operative’s antics. Remember folks, not all cloud formations are formed equal, and this one is definitely raining on AWS’s parade!
Original Article: https://thehackernews.com/2023/09/new-ambersquid-cryptojacking-operation.html
No products in the cart.