nothing new there
ssh attacks from amazon cloud aren't unheard of, something as covert as bot c&c could run for a while without detection.
Zeus bot found using Amazon's EC2 as C&C server
Add Amazon's EC2 to the roster of cloud-based services being exploited to do the bidding of malware gangs. Over the past few days, a new variant of the Zeus banking trojan has been spotted using the popular Amazon service as a command and control channel for infected machines. After marks get tricked into installing the …
This topic is closed for new posts.
No comment really
Just getting a good chuckle out of this one. After all the hype, look who really listened.
Am I the only one...
...that thought the Zeus kbot from Total Annihilation had taken over an Amazon server, and started hosting Command and Conquer games on it?
Mistaken
I PMd a copy of Banker doing this three months ago -- I thought.
Turned out that it was trying to report to a URL which had been shortened using one of those tinyURL services, and that service itself was hosted on EC2. Because the firewalls were blocking the (unproxied) access to the service, I never saw where it would ultimately have gone.
It's an worthwile technique because the attackers and re-point the URL as and when they see fit.
I presume this has been investigated by competent people and they haven't made the same mistake I did....
This topic is closed for new posts.
Sign up, sign up for The Register's weekly IT security newsletter - click here
Popular Whitepapers
- The BI Inflexion Point
Information is a right, not a privilege - Risk and Resilience
The application availability gamble - Register Research on: Agile development - is it right for you
Reaping the benefits of modern software practice - The Register Guide to managing spam
A primer on the implications for enterprise IT - The Register Guide to email security
A primer on the challenges of securing email and approaches to resolving them - High Performance for All
Responding to the needs of compute-intensive workloads
