As cloud native computing continues to gain popularity, so does the risk posed by criminals seeking to exploit the unwary. One newly spotted method targets services on the AWS platform, but not necessarily the ones you might think.
Researchers from the Sysdig Threat Research Team (TRT) have uncovered a cryptojacking operation dubbed “AMBERSQUID,” which does not directly target EC2 instances that would trigger an approval for more resources.
Instead, according to researchers, it is aimed at often-overlooked services, such as AWS Amplify, AWS Fargate, and AWS Sagemaker.