RSA 2010: Hackers using legitimate cloud services for dark ends
Malware industry getting increasingly professional, warn experts
Hacking groups are using legitimate cloud offerings such as Amazon Web Services to facilitate malware creation and password cracking, delegates at RSA 2010 were told.
The Russian Business Network (RBN), one of the most powerful and extensive malware and hacking organisations, has been buying time on Amazon's EC2 platform to build malware and attack passwords, according to Ed Skoudis, founder of security consultancy InGuardians.
"Bad guys can use the cloud to improve operations just as we can. The RBN has been using Amazon for the same kind of benefits as the good guys," he said.
"It gives them enormous password hacking tools, and can be used in massive search engine optimisation poisoning attacks."
The RBN, based in northern Russia, is one of the biggest and most professional hacking groups in the world.
The organisation started in the pornography business, but quickly moved to crime and now offers malware-as-a-service and hosting services, and provides credit card data and false identities.
Other security professionals have confirmed the use of mainstream cloud services by the hacking and malware community.
"We use it to number crunch, and so do they," Paul Simmonds, chief information security officer at AstraZeneca, told V3.co.uk.
"After all, one set of numbers is all the same in the end. Cloud gives them the power they need to break passwords efficiently."