Express
Cybersecurity Firm Discovered Mining Malware on AWS Market
Summary: Cybersecurity firm Mitiga discovered hidden mining malware implanted into Amazon Machine Instance (AMI) available on Amazon Web Service (AWS) marketplace. According to Mitiga, the trojanized AMI contained a malware titled “NsCpuCNMiner64” that could steal the computer’s hash power. AWS is a community that offers a variety of virtualized services, including operating systems. While users need ...
Cybersecurity firm Mitiga discovered hidden mining malware implanted into Amazon Machine Instance (AMI) available on Amazon Web Service (AWS) marketplace.
According to Mitiga, the trojanized AMI contained a malware titled “NsCpuCNMiner64” that could steal the computer’s hash power.
AWS is a community that offers a variety of virtualized services, including operating systems. While users need to be certified by AWS to become trusted vendors, any AWS user can build an AMI and circulate it publicly.
Amazon hasn’t responded to the issue yet, but AWS notes on its on-site document: “Amazon can't vouch for the integrity or security of AMIs shared by other Amazon EC2 users. Therefore, you should treat shared AMIs as you would any foreign code that you might consider deploying in your own data center and perform the appropriate due diligence. We recommend that you get an AMI from a trusted source”.
By Lily Yang
Tags: Amazon,ami,AWS,Malware
Link: Cybersecurity Firm Discovered Mining Malware on AWS Market [Copy]