AndroxGhost – the python malware exploiting your AWS keys
Lacework
DECEMBER 6, 2022
CreateLoginProfile - creates a login profile for the new user to access the management console. If previous steps are successful, the malware writes login data to a configuration file for later use. Figure 5 – hardcoded UA in.env scanning function & androxgh0st POST. Password is also hard coded in python program.
Let's personalize your content