Hackers have found a new way to make money using AWS services. They are using stolen login details to sneak into AWS accounts. Once inside, they set up their own crypto mining operations. This all happens very fast. Within just 10 minutes, they can start mining cryptocurrency.

The hackers use special tricks to stay hidden. They check the system first to see what they can do. They test their access without leaving a trace. This helps them avoid getting caught. They also create new roles and permissions. These roles let them control more parts of the system.

One of the sneaky tricks they use is called "disableApiTermination. " This stops the owner of the AWS account from shutting down the hackers' operations. It makes it harder for the good guys to stop the bad guys. This is not the first time this trick has been used. A security researcher showed how it could be done last year.

The hackers also use a special image to run their crypto mining software. This image has been taken down now. But while it was up, it helped the hackers make money. They also set up systems to automatically increase their computing power. This lets them mine more cryptocurrency.

To protect themselves, AWS users should follow some simple steps. They should use strong passwords and two-factor authentication. They should also limit who has access to what. This is called the principle of least privilege. Users should also monitor their systems for unusual activity.

This attack shows how hackers are getting better at using cloud services for their own gain. It's a reminder that everyone needs to stay vigilant. AWS users should always be on the lookout for suspicious activity.

AWS Under Siege: How Hackers Turn Cloud Into Crypto Cash

Actions