<ul><li>The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn.</li><li>Codefinger utilizes AWS's Server-Side Encryption with Customer Provided Keys (SSE-C) for encryption and demands ransom for data recovery.</li><li>The ransomware campaign does not exploit any AWS vulnerabilities, but relies on publicly disclosed or compromised AWS keys.</li><li>Halcyon researchers recommend hardening AWS environments and collaborating with AWS support to mitigate the risks.</li></ul>

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Discover more