Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Criminals for the past several weeks have been exploiting Amazon's Simple Storage Service (S3) cloud offering to spread SpyEye malware.
Amazon S3, a paid web service that enables users to store data or files in the cloud, has been heavily abused this month, according to Kaspersky Lab malware analyst Jorge Mieres.
SpyEye is an online banking trojan designed to steal money from victims' bank accounts. The malware is capable of evading sophisticated anti-fraud systems put in place by financial institutions.
Amazon S3 was included in domain names that distribute SpyEye which added legitimacy to the attacks, Mieres said. Users may not suspect they are being duped by attackers when stumbling to one of the nefarious sites.
Those behind the campaign are using stolen identity and credit card data to open Amazon accounts needed to use the web storage service.
“Despite being a paid service, the cost is not an obstacle for profitable attackers,” Mieres said.
Amazon could not be reached at the time of publication. Kaspersky Lab, however, has reported the malicious domains to the cloud computing giant.
Online vandals regularly abuse cloud services as part of their operations, Mieres said. Many other cloud services offer free content hosting, making it even easier for cybercriminals.
Malicious actors have in the past leveraged Amazon's Elastic Compute Cloud (EC2) service as the command-and-control server for Zeus, another prevalent banking trojan.
This article originally appeared at scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.