Type
Campaign
Actors
Unknown
Pub. date
October 30, 2023
Initial access
Exposed secret
Impact
Resource hijacking
Observed techniques
Cloud compute cryptojackingCredential harvesting from code repository
References
https://unit42.paloaltonetworks.com/malicious-operations-of-exposed-iam-keys-cryptojacking/https://intezer.com/blog/research/a-rare-look-inside-a-cryptojacking-campaign-and-its-profit/
Status
Stub
Last edited
Jun 2, 2024 8:02 AM
Unit 42 researchers identified a campaign dubbed EleKtra-Leak, which performs automated targeting of exposed identity and access management (IAM) credentials within public GitHub repositories.