New malware named AlienFox is being used to
steal
data from AWS, Google Cloud, and Microsoft.
The malware is being distributed primarily on Telegram.
The main use of AlienFox is to enumerate misconfigured hosts via scanning platforms like
LeakIX
and
SecurityTrails
, and then extract credentials that are stored on servers.
-
This malware specifically targets servers that are used in conjunction with popular web frameworks such as:
- WordPress
- Laravel,
- Drupal,
- Magento, etc.
- Researchers have stated that they have tracked three variants starting in early 2022.
- Its most recent addition is the ability to create a new Amazon account using specific email addresses that are not linked with any accounts already.
- According to researchers, being breached through this flaw could lead to extra service costs and loss of customer trust.
أضف تعليقاً: