By Dan Goodin in San Francisco
9th November 2009
Cyber criminals' love affair with cloud computing just got steamier with
the discovery that Google's AppEngine was tapped to act as the master
control channel that feeds commands to large networks of infected
The custom application was used to relay download commands to PCs that
had already been infected and made part of a botnet, said Jose Nazario,
the manager of security research at Arbor Networks. Google shut down the
rogue app shortly after being notified of it.
The discovery is the latest to highlight bot herders' growing embrace of
the cloud, in which applications and data are hosted on large, publicly
available servers instead of stand-alone machines. Last Friday,
researchers from Symantec found a Facebook account pumping commands to
zombie drones. And in August, Nazario found several Twitter accounts
that were doing much the same thing.
Also on Monday, researchers from anti-virus provider Trend Micro
reported that the massive Koobface botnet was abusing Google Reader to
spam malicious links to Facebook and other social networking sites.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News