Google’s AppEngine Used for Spamming Malware
According to online security company Arbor Networks, a botnet came into light during the 1st week of November 2009 that distributed spam and malware with the help of Google AppEngine.
Actually on November 9, 2009, Arbor Networks wrote in a blog that a malware had been found that contacted a distantly accessible account for downloading certain URLs. Overall, this incident might have little news value since botnets are known to utilize virtually each and every communication protocol to obtain up-to-date information and code.
However, the discovery was unique because the malware, which supplied URLs to the bot herd, was operating on the Google AppEngine application.
The malware tapped Google's AppEngine to make it the chief command and control medium for issuing instructions to various botnets.
More specifically, through the customized program, download commands were relayed to computers which had already been infected and added to a network of bots, said Jose Nazario, Manager of Security Research at Arbor Networks, as reported by The Register on November 9, 2009.
While many ISPs provide ways to relay information for free along with means to notify other users that it is present, malware writers find these services very useful as they utilized the Google AppEngine for regulating their bots.
Google also confirmed that bot herders were employing its AppEngine for issuing instructions to infected PCs interconnected in huge networks. When the Arbor researcher (who detected the particular exploit) notified Google about it, the Internet giant immediately withdrew the application.
However, Google's unintentional distribution of malware isn't anything new. On November 9, 2009, the Koobface botnet was also targeting 'Google Reader' to transmit harmful web-links via social networking sites like Facebook and Twitter. Clearly, the infringement demonstrates black hatters' avid use of cloud computing for launching attacks that puts even Google in danger.
Ultimately, the abuse of Google's AppEngine is the latest incident for underscoring the fact that bot herders are increasingly adopting cloud computing whereby massive servers for public use are hosted. They have shifted their focus from stand-alone servers to these servers.
Related article: Google Rectifies Gmail flaw in Three Days
» SPAMfighter News - 21-11-2009