Hackers Find Home In Amazon EC2 Cloud - Slashdot

Slashdot

Hackers Find Home In Amazon EC2 Cloud 89

Posted by CmdrTaco on Thursday December 10 2009, @01:27PM
from the don't-mind-us dept.

snydeq writes "Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure. This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity, according to threat researcher Don DeBolt. The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers and then secretly installing their command and control infrastructure."

This discussion has been archived. No new comments can be posted.

Hackers Find Home In Amazon EC2 Cloud

Search 89 Comments Log In/Create an Account

Comments Filter:

Re:If anything... (Score:1, Informative)

by Anonymous Coward writes: on Thursday December 10 2009, @01:35PM (#30390704)

And the security of Linux... You see , Amazon uses Apache + Linux in their cloud computing system, so the zealots have told me that such an attack is in fact impossible ;--)

Parent Share
twitter facebook
Not Amazon that got hacked (Score:4, Informative)

by Meshach (578918) writes: on Thursday December 10 2009, @01:39PM (#30390798)

According to the article it was not Amazon itself that got hacked but an "unidentified website on Amazon's cloud" that got hacked. The hackers then used that website to get onto the cloud and execute code.

Share
twitter facebook
This is not new (Score:3, Informative)

by ub3r n3u7r4l1st (1388939) * writes: on Thursday December 10 2009, @01:48PM (#30390976)

If you search "Xbox Host booting" on YouTube, there are hundreds of videos showing you how to utilize the mass computing power of the cloud to knock your opponent off from a Halo 3 session and get the win.

Share
twitter facebook
Re:Nothing really special (Score:2, Informative)

by DaTroof (678806) writes: on Thursday December 10 2009, @02:55PM (#30392146)

According to the second article [ca.com], it has been fixed.
Please Note:The legitimate hacked website was contacted and informed about its participation in the Zeus bot activity and accordingly has stopped serving the malicious variant.

Parent Share
twitter facebook
Re:Not Amazon that got hacked (Score:3, Informative)

by nacturation (646836) * writes: <nacturation@gmai[ ]om ['l.c' in gap]> on Thursday December 10 2009, @03:00PM (#30392258) Journal

According to the summary too: "The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers..."
No different than "a web site hosted on Rackspace's servers". I agree with the other posts that this is essentially a non-news item. So a server gets hacked. It doesn't matter that the server is in someone's basement or in a colo or a VM somewhere.

Parent Share
twitter facebook
Re:And? (Score:5, Informative)

by TooMuchToDo (882796) writes: on Thursday December 10 2009, @04:06PM (#30393246)

Link next time. I had to waste 10 seconds googling =) http://rationalwiki.com/wiki/Poe's_Law [rationalwiki.com]

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

473 commentsYour Passwords Don't Suck — It's Your Policies
418 commentsFBI Says American Universities Infiltrated by Spies
391 commentsAdobe Introduces the Paid Security Fix
343 commentsSymantec: Religious Sites "Riskier Than Porn For Viruses"
333 commentsOsama Bin Laden Didn't Encrypt His Files

I know you're in search of yourself, I just haven't seen you anywhere.