Exploiting cloud environments is no longer a novel concept; hackers have been refining their tactics and sophistication over the past few years. According to recent analysis by Unit 42 researchers at Palo Alto Networks, a major attack campaign has recently targeted Amazon Web Services (AWS), potentially compromising over 230 million unique cloud environments.
These attackers have achieved their reach by accessing (.env) files, which are often overlooked by security tools but can contain sensitive information such as code access for various programs and services. By exploiting these files, attackers have been able to infiltrate corporate networks.
Gaining entry into company networks can be challenging, but accessing AWS API calls and manipulating IAM (Identity and Access Management) privileges using Lambda functions can simplify the process. This allows hackers to exert full administrative control and access.
The scale of the attack is significant, with hackers exfiltrating data from over 110,000 domains and more than 230 million unique cloud endpoints. These breaches have affected large S3 buckets, where hackers can delete information if their ransom demands are not met after taking over accounts.
On a different note, Amazon Web Services is expanding its operations in South India by establishing new IT infrastructure in Hyderabad. This expansion aims to enhance its global AI capabilities.
Additionally, Amazon is launching a new dedicated data center named ‘Amazon Air,’ formerly known as Prime Air. This AI-driven infrastructure will be used exclusively for Amazon’s air cargo network, aiming to optimize Amazon Logistics and improve overall service efficiency.
Ad