Cryptojackers Use IAM Credential Within Five Minutes of Discovery
Cryptojackers Use IAM Credential Within Five Minutes of Discovery
01 November 2023
EleKtra-Leak, an ongoing cryptojacking campaign, exploits exposed IAM credentials on GitHub to mine Monero. The attackers are said to have used each stolen credential within five minutes of its discovery. The payloads are delivered via a Google Drive URL, another widely used application, to evade detection.
It is recommended to audit the GitHub repository cloning events for any suspicious operations and secure the exposed keys.