Bloomberg are today reporting that last month’s PSN hack, which resulted in the data from 100 million personal accounts being compromised was launched from rented Amazon servers.
Amazon’s range of web services includes Amazon Elastic Compute Cloud (Amazon EC2) which essentially is racks of CPUs offering enormous computational power that users can rent by the minute. Bloomberg’s anonymous source said that the perpetrators of the attack used an alias to sign up and the account has since been closed.
It is not the first time EC2 has been used for undesirable intentions as earlier this year German security researcher Thomas Roth used the power of the cloud to highlight the power of cloud computing could be used to launch brute force attack on a WPA-PSK protected WiFi network in less than 20mins for a fraction of the cost of running the application on his own equipment. Roth’s program used EC2 to force 400,000 passwords per second to crack the network and he went on to say that with further optimisations he could have cracked the security within six minutes.
In late 2009, a ZeuS-based banking trojan used the popular Amazon service as a command and control channel that issued software updates and malicious instructions to PCs that were infected by the malware.
In both cases, those tapping the Amazon cloud did so as paid customers.
The source didn’t say how EC2 was used in the attack on the PSN, but Amazon’s Web Services themselves were hit by a massive outage around the same time as the PSN attack taking with it a large number of high profile websites who rely on the cheap computational power to run their services. Amazon blamed network upgrades for the outage, rather than any discovery of people using their service to launch the PSN hack and so far haven’t commented on Bloomberg’s story.
Source: Bloomberg, Via The Register.
uber-BARBIE
Get the criminal minds team in. They solve shit real quick and look hot doin it. Well 2 of em lol
eirekun
According to http://status.aws.amazon.com/ on the 19th they had one error:
[RESOLVED]Increased error rates for Instance Import APIs in US-EAST-1
4:38 AM PDT Between 02:55 am and 04:20 am PDT, the Instance Import APIs in the US-EAST-1 Region experienced increased error rates. The issue has been resolved and the service is operating normally.
fattyuk
???
eirekun
Profit
enroene
they really were determined.
Crocadillian
Interesting, I look forward to the day the hackers are caught though, which i’m sure will happen.
retro_
This blight on our society needs to be eradicated.
They are only nippers but they will get their just deserves.