Cybercriminal gangs are using vulnerabilities in cloud infrastructure such as AWS to steal data. Ironically, the attackers left the data that they stole in an AWS Simple Storage Service bucket which allowed the attack to be identified. Infrastructure passwords, source code, and other important information were stolen in this attack. The first step of the attackers process was to scan through IP’s that were registered to AWS and then doing a reverse lookup to try to obtain the passwords, keys, and other important data.
