Zero Day

Ryan Naraine and Dancho Danchev

Amazon's cloud services systematically exploited by cybercriminals

By Dancho Danchev | July 29, 2011, 8:36am PDT

Summary: Security researchers from Kaspersky Labs have spotted yet another SpyEye crimeware variant using Amazon’s Simple Storage Service (Amazon S3) for command and control purposes.

Security researchers from Kaspersky Labs have spotted yet another SpyEye crimeware variant using Amazon’s Simple Storage Service (Amazon S3) for command and control purposes.

According to a graph released by the vendor, cybercriminals are systematically abusing Amazon’s service for command and control gateway, in an attempt to increase the average lifetime of the malware campaign.

This traffic camouflaging technique from a network perspective isn’t new, what’s new is the persistence shown in the graph in terms of systematically abusing the service.

Does crimeware in the cloud have a future? Most certainly, as cybercriminals appear to have been actively experimenting with the average lifetime for their malware campaigns, both, using rogue ISPs and netblocks, and legitimate cloud services, ultimately leading them to the conclusion that it’s worth it.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

90,000+ pages compromised in mass iFrame injection attack

Facebook offering cash for security vulnerabilities

Topics

Amazon.com Inc., Cybercriminal, Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Full Bio
Disclosure
Contact

Vendor HotSpot

Here to help you with your Document Management Needs

Read the DocuMentor blog now

Learn More »

Talkback Most Recent of 6 Talkback(s)

Follow via:: RSS; Email Alert

RE: Amazon's cloud services systematically exploited by cybercriminals

Do the miscreants pay their bills on time? And do they tend to prefer multi-tenancy ?

Perhaps, paying customers is all Amazon cares about. Plus, they can beef up their usage statistics with the miscreants as proof that the cloud is on fire.
Rabid Howler Monkey
29th Jul
- Reply to
- Flag
RE: Amazon's cloud services systematically exploited by cybercriminals

That's one major problem that could come of the cloud computing era. If cyber criminals get ahold of some of the information stored there, it could really be a problem. printer ink
rctnp6
18th Oct
- Reply to
- Flag
Another reason why Apple is winning.

You can be sure the iCloud will be criminal-proof as it's based on rock-solid Unix.
MSFTWorshipper
2nd Aug
- Reply to
- Flag
patek philippe replica watches

An unacceptable love needs no sorrow but time- sometime for forgetting.A badly-hurt heart needs no sympathy but understanding.?
wrist watches
freelove11
10th Aug
- Reply to
- Flag
RE: Amazon's cloud services systematically exploited by cybercriminals

If you think about it...this is pretty smart on their behalf. Even using facebook as another medium...or even paypal. These cyber criminals are very resourceful.
girls dresses
Izzy Mass
5th Oct
- Reply to
- Flag
RE: Amazon's cloud services systematically exploited by cybercriminals

One of the reasons cyber criminals don't target certain systems is because it isn't worth it since the market share is so low. Check out Deadbeat Super Affiliate if you are trying to make money online by becoming a super affiliate with Amazon or Ebay.
seolair
7th Oct
- Reply to
- Flag