ReadWriteWeb

Bot Herders Used Google App Engine To Spread Malware

Written by Alex Williams / November 9, 2009 8:24 PM / 6 Comments

Google has confirmed news today that bot herders used Google App Engine to feed commands to networks of infected computers. According to Arbor Networks, the bot herd was discovered over the weekend. After being notified of the attack, Google quickly shut down the infected app engine.

Also on Monday, the Koobface botnet was attacking Google Reader to send malicious links through Twitter, Facebook and other social networks.

The breach is another sign that black hatters are taking a much keener interest in the cloud infrastructure for making attacks. And even Google is at risk.

Here's the news of today's attack, showing in some respects the depth of the breach and the reaction it caused. It's an interesting look at the importance of knowing when an attack actually happens and then how to respond.


Bot herders are a nasty lot. They infect people's computers, turning them into nodes on a zombie network. The network can then be used to serve malware for all kinds of purposes, such as stealing password information from Twitter and Facebook and then using that information to commit fraud, such as depleting bank accounts.

In this attack on Google App Engine, a URL for downloading an infected application went across the network. This allowed the bots to feed commands to infect more computers and make them part of the network, too.

Update: A statement from Google App Engine about the incident:

"Google actively works to protect our users from malware. Using Google App Engine, or any of our products, for distribution or coordination of malware is a violation of our product policies, and we will disable any App Engine applications discovered to be used for these purposes."



Comments


  1. Hey Alex, thank you so much for sharing this interesting article with us, nice information. This is really very helpful for me, as Bot Herders do I'll also try & use the Google Apps To Spread Malware.

    Posted by: clavier | November 9, 2009 10:58 PM



  2. Now the virus is everywhere, using a variety of services and software, Google can not avoid.

    Posted by: champions online resources | November 10, 2009 2:33 AM



  3. It just shows how aggressive these guys are getting to make money. Malware authors are always looking for new vectors to try to infect machines. This is why we preach so much about keeping machines patched, and security software up to date and running. Users have a lesser chance of becoming part of the problem.

    Beth Jones, SophosLabs

    Posted by: Beth Jones | November 10, 2009 5:35 AM



  4. This article should probably make an attempt to distinguish the two Google offerings, Google App Engine and Google Apps. The former was the compromised service, according to The Register, the latter is an enterprise email, calendar offering, and was not involved.

    Posted by: Chris Hinkle | November 10, 2009 10:23 AM



  5. this is why cloud computing is stupid; this and a couple of other reasons. if you're a real company, and have real intellectual property, and use cloud, you're a tard.

    Posted by: lemon obrien | November 10, 2009 1:07 PM



  6. so the question is: what is it that they (Google) are going to do about it. Offer any suggestions or give us rights to free program to use?

    Posted by: MT | November 12, 2009 7:03 PM


