EleKtra-Leak

Type

Campaign

Actors

Pub. date

October 30, 2023

Initial access

Exposed secret

Impact

Resource hijacking

Observed techniques

Cloud compute cryptojacking Credential harvesting from code repository

References

https://unit42.paloaltonetworks.com/malicious-operations-of-exposed-iam-keys-cryptojacking/https://intezer.com/blog/research/a-rare-look-inside-a-cryptojacking-campaign-and-its-profit/

Status

Stub

Last edited

Jun 2, 2024 8:02 AM

Unit 42 researchers identified a campaign dubbed EleKtra-Leak, which performs automated targeting of exposed identity and access management (IAM) credentials within public GitHub repositories.