FortiGuard Labs Links New EC2 Grouper Hackers to AWS Credential Exploits

FortiGuard Labs researchers identified a hacker group called “EC2 Grouper” that exploits compromised AWS credentials and tools. EC2 Grouper uses APIs for reconnaissance and resource creation, avoiding manual activity and relying on code repositories for credentials. Organizations can mitigate risks by using CSPM tools, monitoring for credential misuse, and detecting unusual API activity.