Preventing This Week’s AWS Cryptomining Attacks: Why Detection Fails and Permissions Matter

18:07 - 19 Dec 2025

The recent discovery of a cryptomining campaign targeting Amazon compute resources highlights a critical gap in traditional cloud defense. Attackers are bypassing perimeter defenses by leveraging compromised credentials to execute legitimate but privileged API calls like ec2:CreateLaunchTemplate, ecs:RegisterTaskDefinition, ec2:ModifyInstanceAttribute, and lambda:CreateFunctionUrlConfig. While detection tools identify anomalies after they occur, they do not prevent execution, lateral [...]

The post Preventing This Week’s AWS Cryptomining Attacks: Why Detection Fails and Permissions Matter appeared first on Security Boulevard.

https://securityboulevard.com/2025/12/preventing-this-weeks-aws-cryptomining-attacks-why-detection-fails-and-permissions-matter/

Preventing This Week’s AWS Cryptomining Attacks: Why Detection Fails and Permissions Matter

Article info: