Amazon says Russian hackers behind major cyber campaign to target Western energy sector
techradar.com
- AWS says Russian GRU‑linked groups have spent years exploiting misconfigured edge devices to persist inside Western critical infrastructure
- Activity overlaps with Curly COMrades, whose tooling abuses Hyper‑V and Linux VMs for stealthy persistence
- Amazon urges urgent audits of edge gear, credential‑reuse checks, and monitoring for suspicious admin‑portal access
For almost half a decade, Russian state-sponsored threat actors have been abusing misconfigurations in network gear, as well as various vulnerabilities, to establish persistence in key infrastructure organizations in the West, experts have warned.
In a new threat report (via The Register), CJ Moses, Chief Information Security Officer (CISO) at Amazon Integrated Security, highlighted the scale of the campaign, which has been ongoing for several years.
"The campaign demonstrates sustained focus on Western critical infrastructure, particularly the energy sector, with operations spanning 2021 through the present day," Moses said.

