Amazon's cloud services systematically exploited by cybercriminals

Summary:Security researchers from Kaspersky Labs have spotted yet another SpyEye crimeware variant using Amazon's Simple Storage Service (Amazon S3) for command and control purposes.

Security researchers from Kaspersky Labs have spotted yet another SpyEye crimeware variant using Amazon's Simple Storage Service (Amazon S3) for command and control purposes.

According to a graph released by the vendor, cybercriminals are systematically abusing Amazon's service for command  and control gateway, in an attempt to increase the average lifetime of the malware campaign.

This traffic camouflaging technique from a network perspective isn't new, what's new is the persistence shown in the graph in terms of systematically abusing the service.

Does crimeware in the cloud have a future? Most certainly, as cybercriminals appear to have been actively experimenting with the average lifetime for their malware campaigns, both, using rogue ISPs and netblocks, and legitimate cloud services, ultimately leading them to the conclusion that it's worth it.

Topics: Amazon

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.