Abandoned S3 Buckets: The Cybersecurity Blunder That Almost Made Cozy Bear Look Amateurish!

WatchTowr uncovered 150 abandoned S3 buckets that were party central for cyber threats. This cybersecurity company found these buckets received over eight million requests, including from government networks and Fortune 500 companies. Had they been in malicious hands, these buckets could have fueled epic supply chain attacks. WatchTowr saved the day!

3P
Published: February 5, 2025 12:50 pmAdded: February 5, 2025 at 7:51 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like abandoned S3 buckets are the new haunted houses of the digital world: empty, eerie, and just begging to be filled with malicious mischief. Luckily, WatchTowr played the role of the friendly neighborhood ghostbusters, saving us from a potential cybersecurity horror show!

Key Points:

  • WatchTowr identified 150 abandoned Amazon S3 buckets that were once used by software products.
  • If exploited by cybercriminals, these buckets could have been leveraged for malware attacks.
  • Over two months, these buckets received over eight million HTTP requests.
  • Requests originated from sensitive sources including government and military networks.
  • WatchTowr collaborated with AWS and governments to secure the buckets and prevent abuse.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?