New AlienFox toolkit harvests credentials for tens of cloud services


AlienFox is a new modular toolkit that allows threat actors to harvest credentials for multiple cloud service providers.

AlienFox is available for sale and is primarily distributed on Telegram in the form of source code archives. Some modules are available on GitHub allowing threat actors to customize their malicious code to suit their needs.

AlienFox allows its operators to harvest API keys and secrets from popular services including AWS SES & Microsoft Office 365.