Hackers Find Home In Amazon EC2 Cloud
snydeq writes "Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure. This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity, according to threat researcher Don DeBolt. The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers and then secretly installing their command and control infrastructure."
If anything... (Score:5, Funny)
Ready for prime time! (Score:5, Funny)
You know, if botnet operators are trusting the EC2 cloud for their mission-critical operations, it has to be ready for prime time.
This is a stunning endorsement. Amazon should send out a press release.
I'm just pwning your server if that's ok... (Score:4, Funny)
When was the last time a criminal came up to your admin and said, "Hi, I'm going to install my unwanted rootkit on your server now so I can use it as a botnet."?
Yeah, it's like saying a burglar secretly robbed your house... Like he's really going to send you a postcard saying, "Tonight when you go to the movies, I'm going to pillage your apt.".
Re:And? (Score:4, Funny)
Wait a minute. I'm a manager, and I've been reading a lot of case studies and watching a lot of webcasts about The Cloud. Based on all of this glorious marketing literature, I, as a manager, have absolutely no reason to doubt the safety of any data put in The Cloud.
The case studies all use words like "secure", "MD5", "RSS feeds" and "encryption" to describe the security of The Cloud. I don't know about you, but that sounds damn secure to me! Some Clouds even use SSL and HTTP. That's rock solid in my book.
And don't forget that you have to use Web Services to access The Cloud. Nothing is more secure than SOA and Web Services, with the exception of perhaps SaaS. But I think that Cloud Services 2.0 will combine the tiers into an MVC-compliant stack that uses SaaS to increase the security and partitioning of the data.
My main concern isn't with the security of The Cloud, but rather with getting my Indian team to learn all about it so we can deploy some first-generation The Cloud applications and Web Services to provide the ultimate platform upon which we can layer our business intelligence and reporting, because there are still a few verticals that we need to leverage before we can move to The Cloud 2.0.
Re:I'm just pwning your server if that's ok... (Score:5, Funny)
When was the last time a criminal came up to your admin and said, "Hi, I'm going to install my unwanted rootkit on your server now so I can use it as a botnet."?
Yesterday. But since he wasn't asking a question, I couldn't say no. I advised him that his course of action was not one that I wished to occur and he politely informed me that it was "duly noted" and proceeded anyways. All in all, it was a nice verbal transaction and his posture was excellent, and I'm sure outside of his work he's a really nice guy. I wanted to ask him if he wanted to go for a couple of cold ones - but I think that might have been pushing it and didn't want to offend him.
To be honest, the thing that bugs me more than this backdoor to my machine is the regret that I never reached out to him more. A lost friendship, that will likely never have another chance at forming. Every time that Antivirus XP pop-up comes on screen it reminds me of him. I've slowly come to realize that I am remembering him constantly, where he probably does not remember me at all. I shamefully admit that I cry myself to sleep, telling myself that one day he'll come back to me, and maybe out of remorse he'll remove the conficker and everything will be okay.
Re:And? (Score:3, Funny)
There we have it. Metrics never lie! Looks like you're on a one-way trip to the executive suite!