Languagesx
English Deutsch 日本 한국어
Subscribe
Home Bank Login-Stealing Botnet Found Hiding in Amazon Cloud

Bank Login-Stealing Botnet Found Hiding in Amazon Cloud

We’ve all heard security nerds complain about the vulnerabilities of cloud computing; here’s the news they’ve been waiting for.

Black-hat hackers got into an unnamed website hosted on Amazon’s servers then proceeded to install an illegal command and control infrastructure. Named America’s number one most wanted botnet, Zeus was discovered on Amazon’s Elastic Compute Cloud (EC2) by security researchers yesterday.

The Zeus Trojan is a keylogger designed to steal data such as login credentials, account numbers and credit card information. It creates fake HTML forms on banking login pages to allow hackers to steal user data. This particular botnet has been linked to around $100 million in bank fraud in 2009.

Although we don’t yet have details on exactly how the website in question was hacked, we have learned that the software has been removed from the Amazon cloud. This incident is the first example of malware being found on AWS’ infrastructure.

As we were warned by black hats in April this year, cloud computing carries certain risks and opportunities for exploitation. Our own Sarah Perez wrote:

In another part of the Sensepost presentation, they looked specifically at vulnerabilities of Amazon’s Web Services. To start off, they detailed the process involved in setting up a new instance on EC2… While Amazon has provided 47 machine images they built themselves, the remaining 2721 images were build by other EC2 users. Can you really believe that all of these images were built securely? Basically, the template directory is just a big archive of user-generated content. And you know what user-gen content is like… risky.

As John Pescatore told the Financial Times, “The security of these cloud-based infrastructure services is like Windows in 1999. It’s being widely used and nothing tremendously bad has happened yet. But it’s just in early stages of getting exposed to the Internet, and you know bad things are coming.”

Will hackers continue to employ web services to carry out their schemes in 2010? Twitter, Facebook, Google Apps, and now Amazon Web Services have all been used for evil this year. How can websites, corporations, and end users be smarter about online security to avoid personal and financial loss next year? Let us know what you think in the comments.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the gambling and blockchain industries for major developments, new product and brand launches, game releases and other newsworthy events. Editors assign relevant stories to in-house staff writers with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags

Related News

Incognito on Google Chrome
Google might be making it easier to go Incognito in Chrome
Rachael Davies
YouTube home page on a laptop with videos visible
YouTube videos no longer playing for adblocker users as platform crackdowns
Sophie Atkinson
Suspect arrested in $100M Incognito Market dark web drugs operation. The image depicts a scene of a dark web marketplace. The setting appears to be a dimly lit, underground room with neon lights. The sign above the entrance reads "DARK WEB MARKETPLACE" in bright red neon letters. Inside, several individuals are seated at tables, each interacting with holographic computer screens displaying various illegal goods and activities, such as a marijuana leaf and cryptocurrency symbols. The individuals are dressed in dark, hooded clothing, with some wearing masks and goggles to conceal their identities. The atmosphere is secretive and tense, highlighting the illicit nature of the transactions taking place.
Suspect arrested in $100M Incognito Market dark web drugs operation
Suswati Basu
Microsoft pending an update
How to uninstall Microsoft Edge
Rachael Davies
A stunning 3D render of a detailed map of Europe, characterized by intricate lines of connectivity crisscrossing the entire continent. The map is rendered in a muted color palette, with distinct shades of green, brown, and gray for landmasses, and a vibrant blue for bodies of water. The connectivity lines, shimmering with a subtle glow, highlight the interconnectedness of cities, countries, and regions, symbolizing the flow of people, ideas, and commerce.,
Small browser companies like DuckDuckGo and Ecosia see user surge in Europe
Sophie Atkinson

Most Popular Tech Stories

Latest News

Gambling

As cost of living rises in the US, what could this mean for the gambling industry?
Rachael Davies5 hours

The cost of living is on the rise in the US, so how could this affect the gambling industry? According to the US Consumer Price Index (CPI), the cost of...

Popular TopicsArrow right.svg

Betting
Betting
Betting
Casino
Casino
Casino
Payments
Payments
Payments
Slots
Slots
Slots
Poker
Poker
Poker
Software
Software
Software

Get the biggest iGaming headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Gambling News

    Explore the latest in online gambling with our curated updates. We cut through the noise to deliver concise, relevant insights, keeping you informed about the ever-changing world of iGaming and its most important trends.

    In-Depth Strategy Guides

    Elevate your game with tailored strategies for sports betting, table games, slots, and poker. Learn how to maximize bonuses, refine your tactics, and boost your chances to beat the house.

    Unbiased Expert Reviews

    Honest and transparent reviews of sportsbooks, casinos and poker rooms crafted through industry expertise and in-depth analysis. Delve into intricacies, get the best bonus deals, and stay ahead with our trustworthy guides.