Close Menu
    Facebook LinkedIn YouTube Instagram X (Twitter)
    Blue Tech Wave Media
    Facebook LinkedIn YouTube Instagram X (Twitter)
    • Home
    • Leadership Alliance
    • Exclusives
    • Internet Governance
      • Regulation
      • Governance Bodies
      • Emerging Tech
    • IT Infrastructure
      • Networking
      • Cloud
      • Data Centres
    • Company Stories
      • Profiles
      • Startups
      • Tech Titans
      • Partner Content
    • Others
      • Fintech
        • Blockchain
        • Payments
        • Regulation
      • Tech Trends
        • AI
        • AR/VR
        • IoT
      • Video / Podcast
    Blue Tech Wave Media
    Home » Crooks exploit AWS misconfigurations to steal data
    aws
    aws
    IT Infrastructure

    Crooks exploit AWS misconfigurations to steal data

    By Ava YangDecember 10, 2024No Comments2 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email
    • Cybercriminals exploited misconfigured websites to steal AWS credentials and sensitive data, using open S3 buckets for storage.
    • The breach highlights the importance of proper cloud security configurations and adhering to the shared responsibility model between providers and customers.
    • Attackers linked to ShinyHunters and Nemesis cybercrime groups utilized open-source tools to scan millions of AWS IP addresses for exposed credentials.

    What happened: ShinyHunters-linked crooks store stolen AWS credentials and secrets in open S3 buckets

    A large-scale cyber attack targeted AWS customers, where cybercriminals exploited misconfigurations in public websites to steal AWS credentials and other sensitive data. The attackers, linked to the ShinyHunters and Nemesis cybercrime groups, accessed over two TB of data, including source code, database credentials, and email service keys. The criminals used open S3 buckets, misconfigured by their victims, to store the stolen data. Researchers Noam Rotem and Ran Locar discovered the breach during scans for insecure cloud environments and reported it to AWS and the Israeli Cyber Directorate. This breach continued for several months, with attackers leveraging a variety of open-source tools and exploits to scan millions of AWS IP addresses for exposed credentials and secrets.

    Also Read: AWS unveils next-gen AI chips and cloud instances
    Also Read: AWS pledges $100M in cloud credits to boost education

    Why it’s important

    This breach highlights a critical vulnerability in cloud security: the shared responsibility model between cloud providers and their customers. Although AWS provides a secure infrastructure, customers are responsible for ensuring proper configuration and handling of sensitive data. The attackers exploited misconfigured public websites to steal credentials, keys, and secrets, emphasizing the risk of poor data management.

    A key issue was the criminals’ use of open S3 buckets to store over two TB of stolen data. This exposed the attackers’ infrastructure and underscored the dangers of unsecured cloud storage. Furthermore, the involvement of major cybercrime groups like ShinyHunters illustrates the sophisticated nature of these attacks. This breach serves as a reminder of the importance of securing AWS credentials and using tools like AWS Secrets Manager to prevent exposure.

    Cloud users need to adhere to security best practices, such as regularly auditing their cloud environments, securing sensitive data, and ensuring that credentials are not hardcoded in code or repositories. By following these precautions, the risks associated with cloud misconfigurations can be minimized, helping prevent breaches of this scale.

    AI AWS data Technology Trends
    Ava Yang

    Ava is a passionate inter reporter at BTW Media with a Master’s from the University of Leeds. She combines technical skills with creativity to share insights through analysis and storytelling. Contact her at a.yang@btw.media.

    Related Posts

    Vocus secures government greenlight for $3.4B TPG telecom deal

    July 8, 2025

    Indosat deploys Nokia AI to cut network emissions

    July 8, 2025

    Telecom Italia gets $810M loan to support network

    July 8, 2025
    Add A Comment
    Leave A Reply Cancel Reply

    CATEGORIES
    Archives
    • July 2025
    • June 2025
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • April 2024
    • March 2024
    • February 2024
    • January 2024
    • December 2023
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • July 2023

    Blue Tech Wave (BTW.Media) is a future-facing tech media brand delivering sharp insights, trendspotting, and bold storytelling across digital, social, and video. We translate complexity into clarity—so you’re always ahead of the curve.

    BTW
    • About BTW
    • Contact Us
    • Join Our Team
    TERMS
    • Privacy Policy
    • Cookie Policy
    • Terms of Use
    Facebook X (Twitter) Instagram YouTube LinkedIn

    Type above and press Enter to search. Press Esc to cancel.