ExtraTorrent.cc - The Largest Bittorent SystemLogin   |   Register
Latest Articles
Most searched
Hot torrents
First Cams
View Torrent Info: Allied 2016 HDCAM x264 AC3 HQMic-CPG
View Torrent Info: Underworld Blood Wars 2016 HDCAM NAKRO
View Torrent Info: Moana 2016 HD-TS XviD AC3-CPG
View Torrent Info: Shut.In.2016.HDCAM.x264 - Lesnar
Hot torrents
XVID DIVX
View Torrent Info: SiREN.2016.DVDRip.XViD-ETRG
View Torrent Info: Evans.Crime.2015.HDRip.XViD-ETRG
View Torrent Info: 31.2016.BRRip.XViD.AC3-ETRG
View Torrent Info: A Girl Like Grace.2016.HDRip.XviD.AC3-EVO
Hot torrents
H264 X264
View Torrent Info: Mechanic.Resurrection.2016.BluRay.720p.DTS.AC3.x264-ETRG
View Torrent Info: The.Mechanic.2011.BluRay.720p.DTS.AC3.x264-ETRG
View Torrent Info: Ordinary.World.2016.720p.BRRip.x264.AAC-ETRG
View Torrent Info: Miss.Peregrines.Home.for.Peculiar.Children.2016.720p.BRRip.x264.AAC-ETRG
Hot torrents
Television
View Torrent Info: Arrow.S05E09.HDTV.x264-LOL[ettv]
View Torrent Info: Vikings.S04E12.HDTV.x264-KILLERS[ettv]
View Torrent Info: Survivor.S33E13.HDTV.x264-CROOKS[ettv]
View Torrent Info: Designated.Survivor.S01E09.HDTV.x264-KILLERS[ettv]
View Torrent Info: AE DIL HAI MUSHKIL (2016) DVDRIP 1CDRIP x264 AAC ESub [DDR]
View Torrent Info: Train.To.Busan.2016.720p.WEBRip.x264.Korean.AAC-ETRG
View Torrent Info: YZ.2016.Marathi.1080p.WEB-DL.H264.ESub.AAC2.0-DDR
View Torrent Info: The.Dark.Knight.Trilogy.IMAX.EDITION.HQ.BluRay.1080p.x264.AC3.Hindi.Eng.ETRG
30s
Chat
To add new messages please Login or Register for FREE
Warning! Stop Government from Tracking Your Torrenting!
Your IP Address is 54.157.225.99.   Location is United States
Your Internet Provider and Government can track your internet activity! Hide your IP and LOCATION with a VPN
ExtraTorrent strongly recommends using Trust.Zone VPN to anonymize your torrenting. It's FREE!

ExtraTorrent.cc > Articles > Hackers Cracked Amazon’s Cloud

Hackers Cracked Amazon’s Cloud

Hackers Cracked Amazon’s Cloud

Added: Monday, August 4th, 2014
Category: Recent Headlines Involving File Sharing > Current Events
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2013, www.extratorrent.cc
Apparently, the digital thieves found out a way to break into Amazon’s cloud and infect it with DDoS malware. Security experts found out that the hole was thanks to a flaw in distributed search engine software Elasticsearch, a popular open-source search engine server. The software in question was developed in Java, and it is known that Java allows apps to perform full-text search for different documents via a REST API (representational state transfer application programming interface).
Screen_Hunter_01_Aug.jpg

The Amazon Elastic Compute Cloud (EC2) is not the only one which uses Elasticsearch: the search engine server is commonly used in many cloud environments, such as Microsoft Azure, Google Compute Engine and other platforms.

According to the engine’s developers, versions 1.1.x of Elasticsearch support active scripting via API calls in their default configuration. However, the authors failed to explain why this doesn’t require authentication. This is how the malware creators have broken into the system.

Apparently, the developers decided not to release a patch for the 1.1.x branch, but starting with version 1.2.0, dynamic scripting was disabled by default. In the meantime, Kaspersky Lab has discovered variants of Mayday, a Trojan program for Linux used to launch distributed denial-of-service attacks, and one of them was caught running on compromised Amazon EC2 server instances.

According to Kaspersky Lab researchers, Amazon was not the only victim of the intruders. They also break into virtual machines run by Amazon EC2 customers by exploiting the CVE-2014-3120 vulnerability in Elasticsearch 1.1.x, because it was still being used by some organizations in active commercial deployments despite being superseded by 1.2.x and 1.3.x versions.

Security experts saw the early stages of the Elasticsearch attacks. They also found out that the intruders modified publicly available proof-of-concept exploit code for CVE-2014-3120 and installed a Perl-based Web shell with its help. This is how the hackers got a backdoor script which allowed remote attackers to execute Linux shell commands over the Internet. According to the information from the security specialists, the script downloads the new version of the Mayday DDoS bot, dubbed Backdoor.Linux.Mayday.g.

Posted by:  SuperAdmin
Date:  Monday, August 4th, 2014



Comments (2) (please add your comment »)

1
posted by (2014-08-04 12:39:23)
blade70 avatarEventually, as we rely more and more on cloud based services, this will be an everyday occurrence.

2
posted by (2014-08-04 18:56:59)
No avatarHackers can crack only those things has loop holes, having OS & protocols loop holes. my system is open for hacking, hack it....



Articles Search
Most Popular Stories
Articles Categories
Articles Tags


Home - Browse Torrents - Upload Torrent - Stat - Forum - FAQ - Login
ExtraTorrent.cc is in compliance with copyrights
BitCoin: 12DiyqsWhENahDzdhdYsRrCw8FPQVcCkcm
Can't load ExtraTorrent? Try our official mirrors: etmirror.com - etproxy.com - extratorrentonline.com - extratorrentlive.com
2006-2016 ExtraTorrent.cc2