Robert McMillan of the IDG News Service is reporting that cyber criminals gained access to an Amazon Web Services (AWS) account, and used Amazon’s cloud infrastructure to manage and run their botnet. Expect more cloud-based attacks such as this one in the future.
The botnet was a Zeus bot (Zbot) variant. The Zeus trojan is a program that criminals use to gather personal and financial data from its victims.
Hackers who create trojans such as Zeus are becoming increasingly organized and function like corporations, according to a recent security report published by Microsoft. That structure enables regular malware release schedules, and gives criminals the ability to exploit complex vulnerabilities in software, even as operating systems become more secure.
Law enforcement has made some progress toward shutting down the data centers that criminals use to host their infrastructure, but the crooks are seemingly one step ahead, and have now migrated to Web-based services. IDG reports that unnamed law enforcement officials have begun to worry that stolen credit cards could be used to purchase cloud computing services such as AWS.
That’s a given. I hope that cloud providers take action to discover malware on their servers, and have the capacity to shut it down before serious damage can be done. They have a responsibility to do so.