SophosLabs has just published a detailed report about a malware attack dubbed Cloud Snooper. The reason for the name is not so much that the attack is cloud-specific (the technique could be used against pretty much any server, wherever it’s hosted), but that it’s a sneaky way for cybercrooks to open up your server to the cloud, in ways you very definitely don’t want, “from the inside out”.
The Cloud Snooper report covers a whole raft of related malware samples that our researchers found deployed in combination. It’s a fascinating and highly recommended read if you’re responsible for running servers that are supposed to be both secure and yet accessible from the outside world – for example, websites, blogs, community forums, upload sites, file repositories, mail servers, jump hosts and so forth.
[Source: Naked Security]