Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Find Home In Amazon EC2 Cloud

Posted by CmdrTaco on from the don't-mind-us dept.

snydeq writes "Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure. This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity, according to threat researcher Don DeBolt. The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers and then secretly installing their command and control infrastructure."

3 of 89 comments (clear)

  1. Re:If anything... by hesaigo999ca · · Score: 3, Interesting

    Not really, as everyone knows you have hotmail and gmail accounts that have commands updated each week for certain other types of botnet, so is that to spark a debate about whether or not we should allow hotmail or gmail, certainly not, however, it could go to show there should be a better security implementation on the servers hosting the clouds to quickly locate any compromised machines or code on the servers.

  2. the interesting thing is autoscaling and billing by noric · · Score: 4, Interesting

    The interesting thing about this case, to me, is that Amazon's lawful customer will receive a bill in the mail for hacker usage charges.

  3. Brute Force ssh attacks from Amazon by peterthomas2009 · · Score: 3, Interesting

    "This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity"

    I posted to my blog back in June that Amazon cloud nodes were compromised and performing brute force SSH scans against some of my hosts.

    This story and my post merely highlight the obvious fact that most cloud services are just scalable hosting. Remember your instance / slice / vm can be compromised like any other web host.

    Amazon Cloud Service Brute Force Attacks