Attackers Install DDoS Bots On Amazon Cloud 25
itwbennett (1594911) writes "Attackers are exploiting a vulnerability in distributed search engine software Elasticsearch to install DDoS malware on Amazon and possibly other cloud servers. Last week security researchers from Kaspersky Lab found new variants of Mayday, a Trojan program for Linux that's used to launch distributed denial-of-service (DDoS) attacks. The malware supports several DDoS techniques, including DNS amplification. One of the new Mayday variants was found running on compromised Amazon EC2 server instances, but this is not the only platform being misused, said Kaspersky Lab researcher Kurt Baumgartner Friday in a blog post."
Re:But it's the cloud... (Score:5, Interesting)
If you choose a cloud offering which does that for you then yes, you don't have to worry about things like software updates and patching.
However, if you choose a cloud offering which is essentially a hosted server, then you still have to worry about all the things you would with your own local server, excluding power and hardware faults.
Amazon AWS is a platform provider, its not a fully managed solution and never has been - people have been caught out by that before when availability zones failed and suddenly people realised the benefit of having redundant instances in multiple availability zones.
Re:Stupid sensationalism (Score:2, Interesting)
My guess is they just looked at a couple EC2 machines, and since no one uses Azure or Google Compute Engine, they just didn't bother following up on those and made a blanket statement that it applies to all environments (which it does). This has nothing to do with EC2, or Azure or any other environment, really. This is a vulnerability in a piece of 3rd party distributed search engine software that a bunch of people were too lazy to update.
The real headline just doesn't perform quite as well as the clickbait they came up with.