A group of researchers from Indiana University Bloomington, University of California Santa Barbara and the Georgia Institute of Technology discovered more than 600 cloud repositories that contained malware and other potentially unwanted programs (PUP). According to Liao et al.’s report, up to 10 percent of the 140,000 sites and 20 major cloud platforms researched, including those of Google, Amazon and Groupon, contained compromised content. Additionally, the researchers also found the presence of several hundred malicious “buckets,” which actively dump malware into these repositories. Threat actors have utilized a variety of common attacks including fake antiviruses, phishing, as well as drive-by downloads. Liao et al.’s findings are an indication of the growing difficulty in securing big data repositories and the possible vulnerability of these cloud platforms.
Leave a Reply