Skip to main content

TECH 26 AUGUST 2020 Patrick Thompson Mitiga, an incident readiness and response company, has discovered that a product available on Amazon Web Services Marketplace contained Monero mining malware. Mitiga published their findings, noting that they discovered the malware when conducting a security audit for a financial services company. “Mitiga’s security research team has identified an AWS Community AMI containing malicious code running an unidentified Monero crypto miner,” according to the Mitiga’s blog post. “We have concerns this may be a phenomenon, rather than an isolated occurrence.” Malware on AWS Marketplace Unfortunately, the AWS marketplace allows anyone to sell virtual services on its marketplace. Although the marketplace is full of verified vendors, it also contains offerings from unverified community members. Mitiga discovered that one community member was selling a Windows 2008 virtual server that secretly used the computing power of anyone who downloa



Mitiga, an incident readiness and response company, has discovered that a product available on Amazon Web Services Marketplace contained Monero mining malware. Mitiga published their findings, noting that they discovered the malware when conducting a security audit for a financial services company.

"Mitiga's security research team has identified an AWS Community AMI containing malicious code running an unidentified Monero crypto miner," according to the Mitiga's blog post. "We have concerns this may be a phenomenon, rather than an isolated occurrence."

Malware on AWS Marketplace
Unfortunately, the AWS marketplace allows anyone to sell virtual services on its marketplace. Although the marketplace is full of verified vendors, it also contains offerings from unverified community members.

Mitiga discovered that one community member was selling a Windows 2008 virtual server that secretly used the computing power of anyone who downloaded it to mine Monero in the background. Although it may come as a surprise that Monero mining malware was present on Amazon's AWS Marketplace, Amazon's policy clearly states that:

"Amazon can't vouch for the integrity or security of AMIs shared by other Amazon EC2 users. Therefore, you should treat shared AMIs as you would any foreign code that you might consider deploying in your own data center and perform the appropriate due diligence. We recommend that you get an AMI from a trusted source."

Reducing the attack vector
To avoid falling victim to malware that might live within community offerings on the AWS marketplace, Mitiga recommends "verifying or terminating these instances [unverified offerings], and seeking AMIs from trusted sources"

"As AWS customer usage is obfuscated, we can't know how far and wide this phenomenon stretches without AWS's own investigation," said Mitiga. "We do however believe that the potential risk is high enough to issue a security advisory to all AWS customers using Community AMIs."

Comments

Post a Comment

Popular posts from this blog

What is TogaCoin?

TogaCoin is here to stay for a long time because this token sale is not only about cryptocurrencies but also about other important areas of the world economy. Yes, you heard it right and we will be telling you more interesting things about this token sale right away. Unique Selling Points You will be paid during the token sale. Yes, it is true and you should think about it right away. In fact, you could end up earning up to 20% of the invested money per month. Really? Yes, it is true and you should be happy with it. Explainer video Features These guys have a lot of experience in the world of IT and they will shine with this token sale. TogaCoin's staff will work on the important field of cryptocurrency mining and even in data management. These are amazing fields that could generate a lot of money down the road. Technical Analysis Well, TogaCoin will work hard to make money via these activities: -0Electricity is a very important part of the world econom...
Post a Comment
Read more

The Bitquence Liquidity Network

CryptoCurrency is gaining popularity, however with Bitcoin very user-unfriendly mass adoption is not coming. The Bitquence Platform is aiming to replace Bitcoin with it's many disadvantages with something better. A currency for the people. More and better usability, A wallet which is universal and support several coins, like Bitcoin but also Dash and Ethereum. Please read along to get the latest information about this project which can grow very large. Collection of abnormal pockets programs, With automated sources that oversee a large number of wallets for each and every of your financial paperwork making it exhausting to do. International Cryptocurrencies lately stay on experiencing an especially noteworthy increment, impulsively reaching colossal valuations. The have an effect on at the present economic system modified the psyches of people to take after enhancements within the time of Cryptocurrency. Virtual kinds of cash and blockchain innovation are lat...
Post a Comment
Read more

GrantShares DAO launching to support ecosystem growth and grassroots initiatives

The GrantShares DAO is launching on Neo N3 to distribute funding to grassroots developers and ecosystem beneficial projects. The DAO will manage an initial treasury funded by the Neo Foundation. As the first DAO to launch on Neo N3, GrantShares is designed to provide financial support to smaller initiatives that do not currently fit the scope of Neo's existing grant programs. Voting members of the organization include COZ, AxLabs, Red4Sec, NGD Enterprise, NeoResearch, NEXT, Neo SPCC, Neo Foundation, Neo Global Development, and Neo News Today. Anyone is encouraged to submit a proposal for the members of the DAO to discuss and vote. The initial funding limit for GrantShares is $50,000 per proposal, and can be used to fund local events, dApps, developer tools, education initiatives, and more. Projects seeking larger amounts should apply for grants through one of Neo's Eco Support tracks. The DAO's smart contracts are developed and maintained by AxLabs and have already been dep...
Post a Comment
Read more