Amazon-Hosted Malware Up Three-Fold This Year Alone

Amazon has found itself propelled right into the media spotlight this week for all the wrong reasons, having been declared one of the world’s worst offenders for hosting malware. In fact, since the beginning of 2014 alone, the amount of malware hosted by Amazon has increased three times over.That’s according to the latest Quarterly Threat Intelligence Report released by Solutionary’s Security Engineering Research Team, which singles out the online retail giant as the single worst offender of the year to date for hosting malware. According to the report, malware at Amazon spiked by a massive 250% during the first six months of the year, while last year’s ‘winner’ GoDaddy managed a pretty impressive malware decrease of 12%.   The folks behind the report insisted that the primary reason for the huge spike at Amazon is the way in which the service makes it so easy to build, open and run a website for little to no costs and with no real experience needed."The findings on hosted malware in the Q2 threat report reinforce our research from 2013 and provide additional insights into the mindset and cunning of today's attackers," read the report’s ensuing statement from SERT.“The findings should provide the information security community with a good understanding of the threat landscape so they better understand the adversaries' behavior.”Unsurprisingly, the report also confirmed that is once again the US that’s leading the world in terms of tracked malware, having increased its already massive 44% lead to a full 56% as of the end of Q2 this year. The net’s worst offenders were said to be France, Germany and then China – all of which increased this year. As for the UK it was a slightly more promising story with a slight decrease having been noted.“From an organizational perspective, attention to detail, especially the security basics, is often enough to deter a malicious individual or group of individuals,” the report continued.“The tricky part of information security, and the reason we must always be mindful of the trends in the industry, is that the second you make it more difficult for a malicious actor, they have already moved on the next weak link."The report has once again highlighted the way in which a great many web hosting providers offering free or nearly-free hosting packages are turning a blind eye to security. Free hosting can be a frankly brilliant thing for hobbyists and newcomers to the web, but to at least a modest extent must be carefully monitored and regulated. There are still so many hosting services that do not insist on verifying the credentials and intent of their subscribers before allowing new sites to go live, which effectively leaves the door wide open for abuse.Amazon for one is now facing increasing fire, having clearly failed in its obligations to make sure that those using its hosting services are doing so with a genuinely agreeable goal in mind. The Internet retail giant is yet to comment on the findings of the report or its plan of action for bringing malware back under control.