by noahmasur 1457 days ago
In the article they claim the package is literally stealing the IAM role credentials from the EC2’s metadata URL. So it’s presumed that the code is already running on your EC2.

Of course, just because it takes the credentials doesn’t mean it does anything else with them, but it could have done anything.