AWS cryptojacking campaign abuses less-used services to hide. AMBERSQUID campaign exploits cloud services without triggering AWS approval processes. Attackers target services like AWS Amplify, AWS Fargate, and Amazon SageMaker. Attackers create roles in different services to host and execute miners. They abuse AWS CodeCommit, AWS CloudWatch, AWS CodeBuild, AWS CloudFormation, and Amazon EC2 Auto Scaling. Attackers also target Amazon ECS and Amazon SageMaker. Victims can incur running costs of $2,244 per day. Hashtags: #AWS #cryptojacking #cloudsecurity #AMBERSQUID

https://www.csoonline.com/article/652763/aws-cryptojacking-campaign-abuses-less-used-services-to-hide.html