A new ransomware campaign encrypts Amazon S3 buckets using AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key.
https://www.bleepingcomputer.com/news/security/ransomware-abuses-amazon-aws-feature-to-encrypt-s3-buckets/
BleepingComputer /
npub1j7…v7hg2
2025-01-13 15:27:36
Author Public Key
npub1j7dz37jrwqhehe8ydzpk5kcjpnzzv53h7s54lj62nv5w9fcar34suv7hg2Published at
2025-01-13 15:27:36Event JSON
{
"id": "701461bf82e151b585c30b173524bb5903bddca35f0411226163b8ed5959dd25",
"pubkey": "979a28fa43702f9be4e468836a5b120cc4265237f4295fcb4a9b28e2a71d1c6b",
"created_at": 1736782056,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/BleepingComputer/statuses/113821748880774970",
"activitypub"
]
],
"content": "A new ransomware campaign encrypts Amazon S3 buckets using AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key.\n\nhttps://www.bleepingcomputer.com/news/security/ransomware-abuses-amazon-aws-feature-to-encrypt-s3-buckets/",
"sig": "c83e340000cb80bee9a6e418cd1a338e9394833f36b8bb3e8f8ec392ecead85909fd14b54d75050083b7a470894aac92fae9b172201f6fea7777e984e2e7b0ad"
}