A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant’s own server-side encryption with customer provided keys (SSE-C) to lock up victims’ data before demanding a ransom payment for the symmetric AES-256 keys…
Article Source
https://www.theregister.com/2025/01/13/ransomware_crew_abuses_compromised_aws/