Navigation
Recherche
|
Yearlong Supply-Chain Attack Targeting Security Pros Steals 390,000 Credentials
samedi 14 décembre 2024, 04:30 , par Slashdot
The objectives of the threat actors are also multifaceted. One is the collection of SSH private keys, Amazon Web Services access keys, command histories, and other sensitive information from infected devices every 12 hours. When this post went live, dozens of machines remained infected, and an online account on Dropbox contained some 390,000 credentials for WordPress websites taken by the attackers, most likely by stealing them from fellow malicious threat actors. The malware used in the campaign also installs cryptomining software that was present on at least 68 machines as of last month. It's unclear who the threat actors are or what their motives may be. Datadog researchers have designated the group MUT-1244, with MUT short for 'mysterious unattributed threat.' Read more of this story at Slashdot.
https://it.slashdot.org/story/24/12/13/2220211/yearlong-supply-chain-attack-targeting-security-pros-...
Voir aussi |
56 sources (32 en français)
Date Actuelle
mer. 18 déc. - 18:01 CET
|