A new ransomware threat is targeting users of Amazon Web Services S3 buckets. The ransomware campaign is being conducted by a malicious actor known as Codefinger. The Codefinger attack uses AWS’s server-side encryption to encrypt data and then demand a ransom for the decryption keys. This threat is incredibly effective because of how Amazon’s server-side encryption is designed. As the attacker is able to directly integrate with AWS’s encryption infrastructure, it is impossible for the victim to recover their data without the attacker’s key. 

Read more: https://www.forbes.com/sites/daveywinder/2025/01/13/new-amazon-ransomware-attack-recovery-impossible-without-payment/?ss=cybersecurity