AWS Buckets Misconfigured, Decryptor Available for GrandCrab Ransomware

28 Feb 2018 - Around the Web

Study: Two Percent of AWS Buckets Are Openly Accessible, Lack Write-Protection
French security firm HTTPCS conducted a survey on the security of Amazon Web Services (AWS) buckets, finding that 90 percent of the buckets are not publicly accessible, meaning they are not openly exposed on the Internet. However, among the remaining ten percent, some 58 percent (5.8 percent of all AWS buckets) contain readable files. Worse yet, 20 percent of the publicly available buckets (2 percent of all buckets) contain not only readable but writable files as well. These findings reinforce the work of researchers like Chris Vickery and others, who’ve made headlines in recent months after discovering insecure AWS servers exposed on the open Internet.

Decrypt Tool Developed for GrandCrab Ransomware
Researchers from antivirus firm Bitdefender, Europol, Romanian Police, and the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) have developed and made publicly available a tool that can  decrypt machines infected by the GrandCrab ransomware in lieu of payment. GrandCrab has attracted the attention of numerous research and news outlets in recent weeks, perhaps most notably BleepingComputer, as it locked down machines and demanded ransoms ranging from $400 to $700k. Some 50,000 people are said to remain infected by the ransomware.

Transform Your Siloed Security Operations into a Holistic Security Operations Program

Get in Touch Group