Hackers Find Home In Amazon EC2 Cloud

← Back to Stories (view on slashdot.org)

Hackers Find Home In Amazon EC2 Cloud

Posted by CmdrTaco on Thursday December 10, 2009 @05:27AM from the don't-mind-us dept.

snydeq writes "Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure. This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity, according to threat researcher Don DeBolt. The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers and then secretly installing their command and control infrastructure."

6 of 89 comments (clear)

Min score:

Reason:

Sort:

And? by Kenja · 2009-12-10 05:34 · Score: 4, Insightful

There is nothing intrinsic to a cloud of computers that makes them any different then the internet in general. Anything that makes use of unprotected computers on the internet will make use of a cloud as well. In fact, from a logical perspective, the internet is a cloud. Its just that access is generally curtailed in some way.

--

"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
1. Re:And? by Monkeedude1212 · 2009-12-10 05:53 · Score: 2, Insightful
  
  In fact the internet has been represented as a cloud long before cloud became a buzzword.
Nothing really special by Yetihehe · 2009-12-10 05:35 · Score: 5, Insightful

Hackers break into website, but it happens to be hosted on EC2. Hosting in cloud doesn't automagically make your sites more secure.

--
Extreme Programming - Redundant Array of Inexpensive Developers
This type of illegal activity? by quangdog · 2009-12-10 05:36 · Score: 4, Insightful

"This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity"

So, has it been used for other illegal things that have been reported on? Is it even possible for anyone to find out all the possible illegal uses of technolgies like cloud computing?
The "Deniable" Already Happens! by StCredZero · 2009-12-10 06:07 · Score: 2, Insightful

"This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity"
So, has it been used for other illegal things that have been reported on? Is it even possible for anyone to find out all the possible illegal uses of technolgies like cloud computing?
I'm willing to bet that folks like Apple, Google, Amazon, and Microsoft are already hiring "security consultants" to act as deniable intermediaries to other consultants using semi-legal (or flat-out illegal) means to gather information. Not only are arrangements like this being used for industrial espionage, but to gather intelligence on illegal operators who might hack into or otherwise subvert corporate resources like AWS or Google's cloud. This would just be an extension of what companies already do with "private detectives."
Someone needs to start writing novels about this!
WHAT???? by Colin+Smith · 2009-12-10 06:48 · Score: 2, Insightful

Hosting in cloud doesn't automagically make your sites more secure.
You mean... I still have to have people who can "manage" my systems?
NOOOO!!!!

--
Deleted