CyberNews Briefs

Researchers Sound Alarm Over Malicious AWS Community AMIs

Researchers have alerted the public to a growing threat posed by Amazon Web Services and its available pre-configured virtual servers, stating that threat actors can build Community Amazon Machine Images (AMI) infected with malware yet make them identical to legitimate ones. This poses a risk to AWS customers, as they could unknowingly download malware onto their device from the AWS marketplace. Security firm Mitiga uncovered the threat in a report published on Friday.

According to Mitiga, although this is not occurring at a large scale, the threat is not theoretical as the organization has already found a malicious AMI in the wild running an infected instance of Windows Server 2008. Although the malicious AMI was removed from a customer’s Amazon Elastic Compute Cloud earlier this month, it remains available in Amazon’s Community AMI marketplace. This specific AMI was replicating a crypto-miner that generates Monero coins for unknown hackers. Mitiga has since notified Amazon of the risks and infected AMI.

Read More: Researchers Sound Alarm Over Malicious AWS Community AMIs

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.