all InfoSec news
Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife
Malware Analysis, News and Indicators - Latest topics malware.news
Executive Summary
- SentinelLabs analyzed several iterations of “AlienFox,” a comprehensive toolset for harvesting credentials for multiple cloud service providers.
- Attackers use AlienFox to harvest API keys & secrets from popular services including AWS SES & Microsoft Office 365.
- AlienFox is a modular toolset primarily distributed on Telegram in the form of source code archives. Some modules are available on GitHub for any would-be attacker to adopt.
- The spread of AlienFox represents an unreported trend towards attacking more minimal cloud services, …
alienfox amp api api keys army attackers aws campaigns cloud cloud service cloud service providers cloud services code credentials cryptomining distributed enable executive github keys knife malware analysis microsoft microsoft office microsoft office 365 modular modules office office 365 order popular secrets sentinellabs service service providers services ses source code spammer swiss army knife telegram trend