Summary: Recent research reveals the significant threat posed by abandoned cloud storage buckets, particularly on Amazon AWS S3, which can be exploited by malicious actors to deliver malware and conduct various attacks. Through their study, researchers from watchTowr registered unused buckets originally belonging to reputable organizations and found that they received millions of requests, highlighting the vulnerability of such abandoned resources. The findings indicate a need for stronger measures to prevent the re-registration of old bucket names to mitigate potential cyber threats.
Affected: Amazon Web Services (AWS), various organizations including governmental and Fortune 500 companies
Keypoints:
- Abandoned cloud storage buckets can be easily re-registered by malicious actors to deliver malware.
- Research by watchTowr showed that 150 abandoned AWS S3 buckets received 8 million file requests in two months.
- Recommendations include preventing registration of S3 buckets with previously used names to eliminate this vulnerability.
Source: https://www.darkreading.com/remote-workforce/abandoned-aws-cloud-storage-cyberattack-vector