Feeds

Amazon cloud hosts nasty banking trojan

SpyEye taps S3, adopts 'agile' programming

Beginner's guide to SSL certificates

Amazon's cloud storage service has been caught hosting services used to control the notorious SpyEye banking trojan, researchers said.

Data compiled by antivirus provider Kaspersky Lab over a 11-day period in July showed Amazon's Simple Storage Service being used regularly to host SpyEye command and control channels. The botnet operators are most likely using victims' pilfered financial data to set up fraudulent Amazon Web Services accounts, researcher Jorge Mieres wrote.

Screen shot from SpyEye

It's not the first time Amazon cloud services have been tapped by botnet operators. In late 2009, researchers found the ZeuS trojan using Amazon's EC2 to help issue commands and updates to infected machines. The code base of ZeuS was later found to have merged with that of SpyEye.

Kaspersky's discovery came a few days after researchers from Trusteer reported that the developers of SpyEye have infused their code with sophisticated new capabilities that allow the malware to evade transaction monitoring services that banks use to detect fraud. Trusteer said they are at times seeing two new versions of the malware being released per week, a pace that represents a significant uptick over previous development schedules.

“SpyEye developers appear to have figured how these defenses operate and are now constantly trying to ensure their code activity flies under the radar of these detection systems,” Trusteer CEO Mickey Boodaei wrote recently. “SpyEye seems to follow Agile software development practices, namely it is flexibly and simply coded, and new configurations are being rolled out as quickly as possible by its developers.”

SpyEye has also increased its geographic presence and the number of financial institutions it targets. Institutions in the US, UK, Canada, Germany and Australia are most heavily targeted. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016
Flash WORM has a serious use for archived photos and videos
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.