Full Report
On 2024-04-09, a campaign was reported, involving 0ktapus, gaining initial access via End-user compromise, while using Exfiltration via AWS Transfer, Exfiltration via AWS DataSync, Cloud API e, to achieve Data exfiltration.
Analysis Summary