Malicious Community Amazon Machine Images have become a ripe target for hackers, confirm researchers.
Researchers have raised the alarm about the growing threat vector tied to Amazon Web Services and its huge marketplace of pre-configured virtual servers. The danger is that the threat actors can easily establish malware-laced Community Amazon Machine Images (AMI) to make them available to unsuspecting AWS customers.
The threat is not theoretical, as the wild running an infected instance of Windows Server 2008 was discovered recently. The AMI was removed from a customer’s Amazon Elastic Compute Cloud (EC2) instance beginning of this month but is still available within Amazon’s Community AMI marketplace.