Rob Kraus SERT director of research at Solutionary

Rob Kraus, SERT director of research at Solutionary

Solutionary: Amazon-Hosted Malware Nearly Tripled

A new threat intelligence report from Solutionary shows that Amazon Web Services-hosted malware has tripled in the first six months of 2014.

A Solutionary threat intelligence report stated that the amount of malware hosted on Amazon Web Services (AWS) has nearly tripled in the first six months of 2014. This report comes six months after Solutionary named AWS the top malware hosting provider.

According to Solutionary's Security Engineering Research Team (SERT)'s "Quarterly Threat Intelligence Report for Q2 2014," Amazon is still malware developers' favorite hosting service provider. The report noted that Amazon experienced a 250 percent increase in malware in the first half of the year.

Good news for GoDaddy, which was holding onto the No. 2 spot back in January. The popular web hosting provider saw its hosted malware drop by 12 percent.

"The findings on hosted malware in the Q2 threat report reinforce our research from 2013 and provide additional insights into the mindset and cunning of today's attackers. The findings should provide the information security community with a good understanding of the threat landscape so they better understand the adversaries' behavior," said Rob Kraus, SERT director of Research at Solutionary, in a prepared statement. "From an organizational perspective, attention to detail, especially the security basics, is often enough to deter a malicious individual or group of individuals. The tricky part of information security, and the reason we must always be mindful of the trends in the industry, is that the second you make it more difficult for a malicious actor, they have already moved on the next weak link."

Here are a few of the key findings from the report:

  • Amazon's share of malware increased to 41 percent as of June from 16 percent at the end of 2013. Solutionary speculated that nogoodniks are turning to Amazon because of the ease in which they can be up and running at very little cost.
  • GoDaddy now accounts for only 2 percent of malware from hosting providers surveyed in the report.
  • The United States remains the top spot for hosting malware (and you thought it was Russia or China, didn't you?). In fact, the percentage of worldwide malware is increasing in the United States—to 56 percent in June from 44 percent in December 2013.
  • However, malware increased in many other countries, including France, The Virgin Islands and Ireland. Germany, The Netherlands, Russia, the United Kingdom and the Great White North (we assume Canadian malware apologies as it infects) all experienced decreases.

Amazon Web Services responded to Talkin' Cloud's request for a statement with: "AWS employs a number of mitigation techniques, both manual and automated, to prevent the misuse of the services. We have automatic systems in place that detect and block many attacks before they leave our infrastructure. Our terms of usage are clear and when we find misuse we take action quickly and shut it down. Companies that do see malicious activity originating from AWS should contact us immediately at [email protected]"

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.