Security researchers from Kaspersky Labs have spotted yet another SpyEye crimeware variant using Amazon's Simple Storage Service (Amazon S3) for command and control purposes.
According to a graph released by the vendor, cybercriminals are systematically abusing Amazon's service for command and control gateway, in an attempt to increase the average lifetime of the malware campaign.
This traffic camouflaging technique from a network perspective isn't new, what's new is the persistence shown in the graph in terms of systematically abusing the service.
Does crimeware in the cloud have a future? Most certainly, as cybercriminals appear to have been actively experimenting with the average lifetime for their malware campaigns, both, using rogue ISPs and netblocks, and legitimate cloud services, ultimately leading them to the conclusion that it's worth it.