GUI-Vil Threat Group Exploits AWS for Crypto Mining

Threat Advisories

GUI-Vil Threat Group Exploits AWS for Crypto Mining

May 25, 2023
Threat Level
Amber
Attack Report

For a detailed threat advisory, download the pdf file here

Summary

GUI-Vil (p0-LUCR-1), an Indonesian threat group, conducts unauthorized cryptocurrency mining using personalized infiltration tactics. They exploit AWS, leveraging compromised credentials and vulnerabilities like CVE-2021-22205.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Recent Posts

Join Our Newsletter 14,000+ subscribers and growing! Get top cybersecurity news delivered directly to your inbox.
Sign Up to Receive Our Weekly Threat Digest