As usage of Tigris has grown, so has the need to protect it from abuse. Tigris is a globally distributed, multi-cloud object storage service with built-in S3 API support, and as more developers rely on it for performance and scale, we've also seen a natural increase in attempts to misuse the platform.
Earlier this year, a campaign dubbed "DeceptionAds" came to light, where attackers used fake CAPTCHAs hosted on trusted services to trick users into running malicious commands. The end result: installation of the Lumma info-stealer malware, which exfiltrates sensitive information like passwords and financial data. The attackers used a combination of Bunny CDN (a legitimate content delivery network) and BeMob (an ad tracking service) to distribute and cloak their payloads - demonstrating how malicious actors increasingly hide behind reputable infrastructure to evade detection.
