Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal DataThis article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions.
Source:
Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data