EDIT: Amazon Web Services have contacted us to confirm that their service was not affected at all. The companies that were affected suffered due to a poor password protection policy on their AWS cloud infrastructures.
According to the security group RedLock, a group of hackers managed to breach Amazon Web Services, on the Amazon Cloud. Specifically, hackers broke into the infrastructure belonging to two companies on the Amazon Cloud: Aviva and Gemalto.
The hackers’ aim was to use the two companies’ resources to mine Bitcoin cryptocurrency. RedLock is surprised that the hackers didn’t want to steal any important company info. They only used their servers to generate cryptocurrency to get rich at their expense.
“The instance had effectively been turned into a parasitic bot that was performing nefarious activity over the internet,” explains the RedLock report.
This is shocking because usually hackers go to great pains to break into company databases to steal social security numbers, credit card numbers, passwords, emails…
Amazon, Aviva and Gemalto have all been informed about what happened. At the time of writing this article, none of the three companies have made statements. It would be interesting for Amazon to reassure both its clients in the business world as well as personal users. Otherwise, one can’t help but wonder if another hack could happen again on other Amazon services including its virtual store.
We’re facing yet another case that shows how hackers are becoming increasingly interested in infecting their victims so they use their resources (computers, infrastructures) to mine for cryptocurrency. Virtual money is generated by solving complicated mathematical problems that require a great deal of resources. Hackers, instead of paying to buy or build the computers and servers capable of solving these problems, infect their victims so that their computers do the hard work for them. Obviously, only the hackers benefit from this.
Just yesterday I reported that a large number of popular webpages had been infected with a code that installs malware on their users’ computers. This malware turns the infected PC into a cryptocurrency “miner.” You can read all about it, and find out the first steps to take to prevent an infection infection like this, by clicking on this link.