Major Cyber Operation Exposed 2TB of Data, Linked to Nemesis and ShinyHunters
A major cyber operation has been uncovered, linked to notorious hacking groups Nemesis and ShinyHunters. The attack, which exploited vulnerabilities in poorly configured public websites, exposed over 2 terabytes of compromised data, including thousands of credentials and secrets.
The operation, connected to Sebastien Raoult and the defunct ShinyHunters group, involved a two-phase strategy: discovery and exploitation. Stolen information ranged from AWS keys to credentials for popular platforms like GitHub and Twilio. These credentials were marketed on Telegram channels for hundreds of euros per breach.
AWS collaborated with researchers and advised customers to use services like AWS Secrets Manager and rotate keys regularly. The company took steps to mitigate the attack's impact and notified customers of exposed credentials.
Experts warn that such operations persist, often linked to state-sponsored groups primarily from Russia and China. Proactive measures are crucial to safeguarding digital assets. AWS's response demonstrates the importance of vigilance and prompt action in protecting customer data.
Read also:
- Web3 gaming platform, Pixelverse, debuts on Base and Farcaster networks
- Amazon customer duped over Nvidia RTX 5070 Ti purchase: shipped item replaced with suspicious white powder; PC hardware fan deceived, discovers salt instead of GPU core days after receiving defective RTX 5090.
- Infiltration of Estonian airspace by Russian military aircraft
- Cyber aggression intensifies by China-backed TA415 group, targeting Taiwan's semiconductor production and supply networks
