Engineers Garage

  • Projects and Tutorials
    • Electronic Projects
      • 8051
      • Arduino
      • ARM
      • AVR
      • PIC
      • Raspberry pi
      • STM32
    • Tutorials
    • Circuit Design
    • Project Videos
    • Components
  • Articles
    • Tech Articles
    • Insight
    • Invention Stories
    • How to
    • What Is
  • News
    • Electronic Products News
    • DIY Reviews
    • Guest Post
  • Forums
    • EDABoard.com
    • Electro-Tech-Online
    • EG Forum Archive
  • Digi-Key Store
    • Cables, Wires
    • Connectors, Interconnect
    • Discrete
    • Electromechanical
    • Embedded Computers
    • Enclosures, Hardware, Office
    • Integrated Circuits (ICs)
    • Isolators
    • LED/Optoelectronics
    • Passive
    • Power, Circuit Protection
    • Programmers
    • RF, Wireless
    • Semiconductors
    • Sensors, Transducers
    • Test Products
    • Tools
  • EE Resources
    • DesignFast
    • LEAP Awards
    • Oscilloscope Product Finder
    • White Papers
    • Webinars
  • EE Learning Center
    • Design Guides
      • WiFi & the IOT Design Guide
      • Microcontrollers Design Guide
      • State of the Art Inductors Design Guide
  • Women in Engineering

Study Reveals ‘Lurking Malice’ within Cloud Hosting Services

By Parul Gupta

A study of 20 chief cloud hosting solutions has identified that as many as 10% of the sources hosted by them had been compromised – with numerous hundreds of the ‘buckets’ actively offering malware. Such disturbing content could be puzzling to find but because it can be easily assembled from stored elements that individually may not seem to be malicious.
 
 
                                                                                    Figure: Areas with bad repositories
 
To search the bad content, scientists prepared a scanning methodology that appears for features unique to the bad repositories, called as ‘Bars.’ The features comprise certain sorts of redirecting schemes and elements created to safeguard the malware from scanners. Scientists from the Georgia Institute of Technology, Indiana University Bloomington and the University of California Santa Barbara performed the research.
 
Considering the foremost systematic study of the cloud-based malicious role it will be introduced at the ACM Conference on Communications and Computer Security in Vienna, Austria. “Bad actors have shifted to the cloud along with everybody else,” says Raheem Beyah, a lecturer in Georiga Technology School of Computer and Electrical Engineering. “The troubling guys are utilizing the cloud to offer malware and other nefarious elements while remaining unidentified. The resources they utilize are compromised in a range of ways, from conventional exploits to just availing the advantage of poor configurations.
 
Beyah and his graduate student Xiaojing Liao identified that the bad actors could hide their roles by keeping elements of their malware in separate resources that by themselves did not boost conventional scanners. Only just they were required to launch an attack were the distinct parts of this malware association.
 
As a whole, the scientists scanned more than 140,000 sites on 20 cloud hosting sites and identified about 700 active sources for malicious content. In total, almost 10 percent of cloud repositories studied by the group in some way. The scientists stated that the cloud is hosting entities of their findings before the introduction of the study. “It is pervasive in the cloud,” says Beyah. “We identified that problem in every last element of the hosting services we analysed. We believe this is a major problem for the cloud-hosting industry.”
 
In some situations, the bad actors opened a costly account and instigated hosting their software. In other situations, the malicious content was hidden in the cloud – based domains of the well – known brands. Linking the bad content with good content in the brand domains safeguarded the malware from blacklisting of the domain.
 
Liao and Beyah saw an extensive assortment of attacks in the cloud – hosted repositories, varying from common and phishing drives by downloads to faulty antivirus and computer update sites. 
 
“They can attack you from such buckets, or they can redirect you to the other malicious buckets or a range of malicious buckets,” he confirms. “It can be troubling to witness where the code is directing you.” To safeguard cloud-based sources from such attacks, Beyah suggests that the typical defences, comprising patching of systems and appropriate configuration settings. “Attackers are intelligent, and as we safeguard things and make the cloud infrastructure more difficult for them to attack, they will shift onto something else,” he says.

Filed Under: News

 

Questions related to this article?
👉Ask and discuss on Electro-Tech-Online.com and EDAboard.com forums.



Tell Us What You Think!! Cancel reply

You must be logged in to post a comment.

HAVE A QUESTION?

Have a technical question about an article or other engineering questions? Check out our engineering forums EDABoard.com and Electro-Tech-Online.com where you can get those questions asked and answered by your peers!


Featured Tutorials

  • PS2 Keyboard To Store Text In SD Card Using Arduino Circuit Setup On Breadboard
    How To Use PS2 Keyboard To Store Text In SD Card Using Arduino- (Part 42/49)
  • Wireless Path Tracking System Using Mouse, XBee And Arduino Circuit Setup On Breadboard
    How To Make A Wireless Path Tracking System Using Mouse, XBee And Arduino- (Part 43/49)
  • How to Make a Wireless Keyboard Using Xbee with Arduino- (Part 44/49)
  • Making Phone Call From GSM Module Using Arduino Circuit Setup On Breadboard
    How to Make Phonecall From GSM Module Using Arduino- (Part 45/49)
  • How to Make a Call using Keyboard, GSM Module and Arduino
    How To Make A Call Using Keyboard, GSM Module And Arduino- (Part 46/49)
  • Receiving SMS Using GSM Module With Arduino Prototype
    How to Receive SMS Using GSM Module with Arduino- (Part 47/49)

Stay Up To Date

Newsletter Signup

Sign up and receive our weekly newsletter for latest Tech articles, Electronics Projects, Tutorial series and other insightful tech content.

EE Training Center Classrooms

EE Classrooms

Recent Articles

  • Renesas delivers intelligent sensor solutions for IoT applications
  • Microchip Technology releases AVR-IoT Cellular Mini Development Board
  • Qualcomm acquires Cellwize to accelerate 5G adoption and spur infrastructure innovation
  • MediaTek’s chipset offers high-performance option for 5G smartphones
  • Nexperia’s new level translators support legacy and future mobile SIM cards

Most Popular

5G 555 timer circuit 8051 ai Arduino atmega16 automotive avr bluetooth dc motor display Electronic Part Electronic Parts Fujitsu ic infineontechnologies integratedcircuit Intel IoT ir lcd led maximintegratedproducts microchip microchiptechnology Microchip Technology microcontroller microcontrollers mosfet motor powermanagement Raspberry Pi remote renesaselectronics renesaselectronicscorporation Research samsung semiconductor sensor software STMicroelectronics switch Technology vishayintertechnology wireless

RSS EDABOARD.com Discussions

  • Using LTspice to check Current sense transformer reset?
  • Plotting E_theta and E_phi using the fields calculator in HFSS
  • SRF04 module measure distance
  • Motherboard - worst case scenario
  • Will Wifi throughput be affected by RSSI (attenuation) in my setup?

RSS Electro-Tech-Online.com Discussions

  • Are Cross-wind compensation and Road crown compensation functions inputs to LKA function?
  • Interfacing ZMOD4410 with Arduino UNO
  • Help diagnosing a coffee maker PCB
  • Capacitor to eliminate speaker hum
  • Identify a circuit.
Engineers Garage
  • Analog IC TIps
  • Connector Tips
  • DesignFast
  • EDABoard Forums
  • EE World Online
  • Electro-Tech-Online Forums
  • Microcontroller Tips
  • Power Electronic Tips
  • Sensor Tips
  • Test and Measurement Tips
  • 5G Technology World
  • About Us
  • Contact Us
  • Advertise

Copyright © 2022 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy | Advertising | About Us

Search Engineers Garage

  • Projects and Tutorials
    • Electronic Projects
      • 8051
      • Arduino
      • ARM
      • AVR
      • PIC
      • Raspberry pi
      • STM32
    • Tutorials
    • Circuit Design
    • Project Videos
    • Components
  • Articles
    • Tech Articles
    • Insight
    • Invention Stories
    • How to
    • What Is
  • News
    • Electronic Products News
    • DIY Reviews
    • Guest Post
  • Forums
    • EDABoard.com
    • Electro-Tech-Online
    • EG Forum Archive
  • Digi-Key Store
    • Cables, Wires
    • Connectors, Interconnect
    • Discrete
    • Electromechanical
    • Embedded Computers
    • Enclosures, Hardware, Office
    • Integrated Circuits (ICs)
    • Isolators
    • LED/Optoelectronics
    • Passive
    • Power, Circuit Protection
    • Programmers
    • RF, Wireless
    • Semiconductors
    • Sensors, Transducers
    • Test Products
    • Tools
  • EE Resources
    • DesignFast
    • LEAP Awards
    • Oscilloscope Product Finder
    • White Papers
    • Webinars
  • EE Learning Center
    • Design Guides
      • WiFi & the IOT Design Guide
      • Microcontrollers Design Guide
      • State of the Art Inductors Design Guide
  • Women in Engineering