back to article Amazon's public cloud fingered as US's biggest MALWARE LAIR

Amazon's public cloud is the largest haven of malware spreaders in the US, according to security company Solutionary. The claims are in the outfit's "Quarterly Threat Intelligence Report" [PDF], which uses data from Solutionary's ActiveGuard Security and Compliance Platform. It was published on Wednesday. "Malware and, more …


This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Big or small most providers don't do enough to curb this behavior as well as other bad behavior and way too many companies let way to much go. Some of the worst providers for allowing this:

    Namecheap for DNS and hosting. They do very little when you can show proof that they services are used maliciously, they don't do anything.

    CariNet, Inc. is another. Contact them and good luck getting them to call back even when they say they will.

    ServerMania is another. In the past several days, a good portion of the links in SPAM messages had the links resolve to servers operated by ServerMania.

    Digital Ocean ranks up there as well.

    All of the above, I have contacted either because of SPAM, port scanning, etc. and some do take the complaints seriously but it just seems that there are many scans coming from them on a daily basis. It is like whack-a-mole and some of the above pretty much do nothing. While I agree that the providers should not be held liable in many cases, when you have providers that just seem to attract bad behaving customers, there is probably a reason as to why.

    I would think it would be pretty easy for the likes of Amazon, Microsoft, Google, etc. to make their services harder to use for malicious activity. For starters they could require a credit or debit card that is not a prepaid card. Make sure to perform validation checking on them as well. Unless someone is going to keep getting a new credit card to keep buying cloud resources, the venture would be short lived. Information sharing between the major players could go a long-way as well.

    1. Nelbert Noggins

      They'd better not remove the pre-pay/load currency cards.

      until my bank decides to provide better exchange rates and drops the foreign currency transaction charge I'll want to continue using my $ currency card.

      anti-spam will always be a game of catch-up just like anti-virus.

      here's a crazy idea, if companies stopped selling my details when they're told not to and they secured details properly and stopped getting hacked the amount of spam would reduce.

  2. Anonymous Coward


    You should turn on logging on your firewall. Most of the hits that I get, that aren't from APNIC addresses are from Rackspace, with Amazon a distant second. I can say that I have only ever had occasion to report probes, and not malware, but that probably had more to do with my userbase.

  3. pacman7de
    IT Angle

    Amazon's public malware cloud ..

    When is Amazon going to be held to account in a court-of-law for foisting all this Amazon malware on the Internet?

    2.0 Malware Distribution Analysis

    2.1 Malware Distribution by Country

    2.2 Malware Distribution by Site

    2.3 Malware Distribution by Domain

    2.4 Malware Distribution by Service Provider

    2.5 Malware Distribution by Domain Name Registrar ...

    Not including ...

    2.6 Malware Distribution by Desktop Operating System?

  4. Sirius Lee

    Too much to resist, eh?

    Jack, Jack, Jack. Too much for you to resist, eh? Another lovely opportunity to try and stick the knife in Bezos et al.? And after your little dig yesterday or your regular posts about how Amazon keep spending their profits expanding their infrastructure instead of reporting them and paying corporation tax.

    What's the problem? Did Bezos lay you off? Do you work a competitor?

    Blaming Amazon for the behavior of their users is like blaming a motorway/interstate for car/automobile accidents. Why not focus your energies and any investigative abilities on the people who use Amazon services to commit the crime. My guess is that it's just much easier to convey some second-hand report.

    And I agree with @theodore that attacks, emails and probes from IP addresses assigned to Amazon are not my biggest headache. But, hey, it confirms your apparent bias so does another perspective really matter?

    Come on Jack, prove me wrong. Find something genuinely nice to say about Amazon.

This topic is closed for new posts.

Other stories you might like