TL;DR: Several-second post-deletion validity window of IAM access keys exploited as a stealthy short-window persistence primitive.

Stub — to be filled in.

What it is

TODO

Preconditions / where it applies

TODO

Technique

TODO

Detection and defence

TODO

References

• https://gbhackers.com/attackers-abuse-aws-iams/