A hacker, named MUT-1244 by Datadog Security Labs, has breached hundreds of victims, including cybersecurity professionals and other cybercriminals, since October. They’ve stolen data such as SSH private keys and Amazon Web Services access keys, along with over 390k credentials from hackers, presumably bought on the dark web. MUT-1244 targets victims via phishing campaigns and GitHub attack tools, using different methods to drop payloads that steal sensitive information.
Yearlong supply-chain attack targeting security pros steals 390K credentials
Cybersecurity firm Datadog has revealed that the actor MUT-1244 used proof-of-concept exploits and phishing emails to install the @0xengine/xmlrpc malware, stealing around 390,000 credentials from infected machines.