S3 Bucket Takeover

A s3 bucket takeover detected.

  • s3
  • bucket
  • domain
  • takeover
  • hijacking

AWS S3 is a highly scalable, high performance cloud storage service.

Impact

Attackers can register the missing S3 buckets to host malicious content on the domain referencing it. Subdomain Takeover attacks can be used for phishing and cross-site scripting.

Solution

Remove the record referencing the bucket or register the s3 bucket itself.

Was this page helpful?