Hackers Find Home In Amazon EC2 Cloud 89
snydeq writes "Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure. This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity, according to threat researcher Don DeBolt. The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers and then secretly installing their command and control infrastructure."
Re:Nothing really special (Score:3, Interesting)
I think the "special" part of the news is that since its being hosted on the cloud its harder to remove - since it'll be running on multiple computers capable of replicating itself across multiple machines. In order to purge it, you'd probably have to take down the entire infected cloud and clean it all seperately or at least all in synch.
Re:If anything... (Score:4, Interesting)
Not really, as everyone knows you have hotmail and gmail accounts that have commands updated each week for certain other types of botnet, so is that to spark a debate about whether or not we should allow hotmail or gmail, certainly not, however, it could go to show there should be a better security implementation on the servers hosting the clouds to quickly locate any compromised machines or code on the servers.
the interesting thing is autoscaling and billing (Score:4, Interesting)
Re:And? (Score:3, Interesting)
Brute Force ssh attacks from Amazon (Score:3, Interesting)
I posted to my blog back in June that Amazon cloud nodes were compromised and performing brute force SSH scans against some of my hosts.
This story and my post merely highlight the obvious fact that most cloud services are just scalable hosting. Remember your instance / slice / vm can be compromised like any other web host.
Amazon Cloud Service Brute Force Attacks [hackertarget.com]