Summary

  • Researchers have warned that abandoned Amazon S3 buckets can become a malware delivery channel: other services keep fetching from bucket names that have lain dormant for months or even years, and once the original bucket is deleted the name can be registered by anyone.
  • In a two-month experiment, the researchers registered bucket names that their original owners had abandoned but that other services were still polling for updates.
  • During the time the researchers owned the buckets, they received eight million requests.
  • The researchers highlight how easily malware could be delivered through this mechanism, and suggest the problem is extensive enough to threaten the entire software supply chain.
  • They also note that the original owners often cannot retrieve their data, or even tell that their former services are still being used, should they wish to resume the project or patch security issues.
  • One security analyst suggested Amazon could automatically lock abandoned buckets to prevent this from happening in future.
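The practical check this raises for anyone shipping software is whether their own installers, CI scripts and configs still reference bucket names that no longer exist and could be claimed by a stranger. The script below is an added example, not code from the article or from the researchers' work: it extracts bucket names from the standard S3 URL shapes, probes each one with an unauthenticated HEAD, and flags a 404 (NoSuchBucket) as a dangling, claimable name. The hostname patterns, the status-to-verdict mapping, the sample config lines and the fake probe results are all constructed assumptions so that it runs offline.

```python
"""Audit configs, scripts or build output for references to S3 buckets that
no longer exist and whose names could therefore be registered by anyone.

Added example, not code from the original article or the researchers.
Assumes the standard S3 endpoint shapes and that an unauthenticated HEAD on
a bucket answers 404 only when the bucket does not exist."""
import re
import urllib.error
import urllib.request
from typing import Callable, Dict, List

BUCKET = r"([a-z0-9][a-z0-9.-]{1,61}[a-z0-9])"          # 3-63 chars, DNS-style names
ENDPOINT = r"s3(?:[.-][a-z0-9-]+)*\.amazonaws\.com"       # s3, s3.eu-west-1, s3-us-west-2, ...
PATTERNS = [
    re.compile(r"https?://" + BUCKET + r"\." + ENDPOINT + r"(?:[/?#]|$)"),  # virtual-hosted style
    re.compile(r"https?://" + ENDPOINT + r"/" + BUCKET + r"(?:[/?#]|$)"),   # path style
    re.compile(r"s3://" + BUCKET + r"(?:/|$)"),                             # s3:// URI (CLI, SDKs)
]


def find_bucket_refs(text: str) -> List[str]:
    """Return the distinct bucket names referenced in text, in order of first match."""
    found: List[str] = []
    for pattern in PATTERNS:
        for match in pattern.finditer(text):
            name = match.group(1)
            if name not in found:
                found.append(name)
    return found


def head_bucket(bucket: str, timeout: float = 10.0) -> int:
    """Unauthenticated HEAD on the bucket (path style, so dotted names work over TLS).
    Returns the HTTP status, or 0 on a network failure; only used in a live run."""
    request = urllib.request.Request(f"https://s3.amazonaws.com/{bucket}/", method="HEAD")
    try:
        with urllib.request.urlopen(request, timeout=timeout) as response:
            return response.status
    except urllib.error.HTTPError as err:
        return err.code
    except urllib.error.URLError:
        return 0


def classify(status: int) -> str:
    """Map a HEAD status to what it tells you about the bucket name."""
    if status == 404:
        return "dangling"   # NoSuchBucket: the name is free for anyone to create
    if status in (200, 301, 307, 403):
        return "exists"     # yours, someone else's, or redirected to its region
    return "unknown"        # throttling, network failure, anything else


def audit(text: str, probe: Callable[[str], int] = head_bucket) -> Dict[str, str]:
    """Classify every bucket referenced in text; `probe` is injectable for offline use."""
    return {name: classify(probe(name)) for name in find_bucket_refs(text)}


# Constructed sample input: the kind of lines found in installers, CI scripts and Dockerfiles.
SAMPLE_CONFIG = """\
UPDATE_URL=https://example-updates.s3.amazonaws.com/latest/agent.tar.gz
curl -fsSL https://s3.us-east-1.amazonaws.com/legacy-installer-2019/install.sh | sh
aws s3 cp s3://old-assets-bucket/app.js ./static/
"""

# Constructed stand-in for live HEAD responses, so the example runs offline.
FAKE_STATUS = {"example-updates": 403, "legacy-installer-2019": 404, "old-assets-bucket": 404}


if __name__ == "__main__":
    for name, verdict in audit(SAMPLE_CONFIG, probe=FAKE_STATUS.__getitem__).items():
        print(f"{verdict:9} {name}")
```

To run it against real infrastructure, call `audit(text)` with the default probe. A `dangling` verdict means the name is currently unowned: either remove the reference from whatever still fetches it or register the name yourself before someone else does, which is precisely what the researchers did with the names they found. Legacy bucket names with uppercase letters or underscores are not matched by these patterns.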

By Bruce Schneier

Original Article