Suspicious activity

EC2 Cluster with Execution:EC2/SuspiciousFile GuardDuty Alert Found

Risk Level

Informational (4)



Suspicious File detection indicates that potentially unwanted programs such as adware, spyware, or dual use tools are presented on an impacted resource. These programs could have a negative impact on your resource, or be used by attackers for malicious purposes.
  • Recommended Mitigation

    It is recommended to isolate the impacted EC2 instance, analyze it, and in case you are unable to identify any threat, stop any unauthorized activity on your EC2 instance. In case there is no confidence in the machine's sanity, you may terminate the compromised EC2 instance and replace it with a new one.