Crooks make it rain by seeding cloud with zombies

Malware operators are once again trying to generate profits from the cloud, this time by stealing the resources of infected computers and selling them to a new distributed-computing network, researchers from Kaspersky said. After infecting a computer, the malware downloads and installs the MetaTrader 5 Tester Agent, software …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    WTF?

    symbiotic relationships

    I've and I'm sure many others have often had dedicated servers vastly overpowered that spend 90% of their time underused, except the providers rely on that just like a banker would.

    In a symbiotic relationship a hacker should take over my server and not disturb what I'm doing, while protecting it against others trying to do the same. Just like parasites they should evolve very quickly and fight each other not to steal from me such as data but to operate without killing the host.

    In return they get cash, I get a server I don't have to worry about and as long as the balance is kept nobody will actually use the 90% slack, maybe 20% to avoid killing off the host and its environment which is the cloud?

    1. J. Cook Silver badge
      FAIL

      @robg, RE: Symbiotic relationships...

      The problem with that is that you have absolutely zero guarantee that the hackers are not doing something else, like quietly sending a copy of your private data somewhere else, or watching what your server is doing and maybe making changes on the fly to hurt your company.

      And that's not even considering the whole "unauthorized access" thing.

      Last couple of servers that I had to deal with that were hacked, they were being used as mail zombies, and in one instance a 'private' ftp server with large amounts of copyrighted material on the server. The owner of the machine (the company I worked for) didn't like that...

    2. Anonymous Coward
      Stop

      @rob

      That works out just fine until they turn out to be a bunch of f-tards and set up a hidden website filled with crap beyond recognition. And when the feds finally discover a new source of kiddie pr0n they'll be knocking at /your/ doorstep, not "theirs".

      Is that really worth the risk?

      No offense but in such situations I truly think that the operator is just as responsible as the culprits who ran over his server.

      Let's also not forget that a lot of our daily dose of spam and other garbage (malware for example) comes from servers in China, Taiwan and the Russian Federation whose admins apparently think just as you do: as long as my server does what I need it to do, who cares...

      Well, 3/4 of Europe cares; a LOT even.

    3. 437T
      Facepalm

      @robg

      And then there is the issue of the extra electricity you pay for as your server or servers go from 10% load to 100%...

      The only thing correct about your post is that these criminals are indeed parasites.

      1. Anonymous Coward

        Well not really

        Those who used 100% and spammed would be fighting those who want to use an extra 10% and have a great interest in protecting a host.

        Anyone who abused the host would kill it off either through it being wiped or being taken down by the data center or forcing their host to close it.

        Earning $100 from one server would be enough for most beneficial parasites. And they'd work very hard to protect that $100 or lose it.

  2. Anonymous Coward

    Question

    Which operating systems can it infect? Is it Windows only?

  3. Big-nosed Pengie
    Headmaster

    Your computing resources rented out

    I fixed that for you by translating it into English.

  4. Mikel
    Pint

    Welcome to 1998

    This has been going on forever. We've been doing VDI in reverse and using desktop compute resources for legitimate purposes nearly as long. It's not mainstream, but it's been around a long time. In fact some of the technologies might trace back to Unix in the 1970s.

    You don't even need Windows to carry out this sort of thing maliciously. If you have or corrupt a popular website you can implement it in JavaScript, Java, or Flash for fine-grained problems and distributed network attacks in the background in addition to serving up user content in a platform-neutral, no-admin-rights required way. This is what LOIC is made of.

    I wish this were put to more legitimate use. And I doubt the malicious uses can be stopped.

  5. ZZLEE

    Last Ubuntu I had was cycling 100% for 2 minutes each core.

    What it was up to, process was not listed. ....
