Amazon’s Cloud Entertains Bank Info-Stealing Malware

Investigators at Kaspersky Labs the security company lately revealed that a Brazilian banker Trojan was being entertained on AWS (Amazon Web Services) a renowned vendor for cloud services.

Reports the security company, the malware downloader is being disseminated from one Amazon Simple Storage Service account in the form of a file delivering a screen saver. It then adds that the malware, which behaves like a rootkit, tries to render no less than 4 anti-virus applications unusable.

Furthermore, the malware deactivates GBPlugin an additional security for users' Web-browsers that Brazilian banks normally provide to their accountholders.

It, observes Kaspersky, is created for capturing financial information stored at 9 Brazilian banks along with 2 international ones, digital certificates that eTokens uses and Microsoft Live Messenger login credentials.

Additionally, the said malware reverts with details regarding PCs it infects, like their name, hard drive capacity and CPU type.

Says Kaspersky that several banks in Latin America utilize these details for identifying unauthorized login attempts; consequently, these are important for cyber-crooks to put their garb of genuineness.

Meanwhile, there are twin techniques with which the malware steals the details. These are by transmitting the information to a specific Google mail account alternatively by transferring the same onto a distantly-located server.

Normally cyber-crooks exploit web-hosting utilities that are free and which are capable of responding fast since that acts as crucial in getting as many potential victims as possible. Unluckily, it appears Amazon didn't assign this incident sufficient priority, since as Dmitry Bestuzhev an expert at Kaspersky Lab says, the downloader continued to remain active for 12 more hours in spite of notifying the company. Softpedia.com reported this on June 6, 2011.

Indeed the expert speculates that cyber-criminals will keep on using genuine cloud services such as Amazon in various forms of cyber-assaults.

Additionally, he says that cloud service vendors must begin considering regarding monitoring systems better as well as broadening security teams so that malware assaults that are executed via their cloud can be mitigated.

Eventually, it's because of undesirable malware assaults of these kinds that malicious software is increasing worldwide, while getting increasingly sophisticated and nasty.

Related article: Amazon’s Customers Latest Target for Phishers

» SPAMfighter News - 6/13/2011