
Infrastructure Laundering: How Threat Actors Exploit Mainstream Hosting Providers

Researchers have linked the China-based Funnull content delivery network (CDN) to a malicious practice known as "infrastructure laundering." This technique involves threat actors exploiting mainstream hosting providers such as Amazon Web Services (AWS) and Microsoft Azure to host their malicious websites.

The Method Behind the Malice

The activity involves threat actors operating "hosting companies" that rent IP addresses from these providers and then map them to their criminal websites. This allows them to maintain a level of anonymity and makes it difficult for law enforcement to track their activities.

The Discovery

Researchers from Silent Push discovered this practice when they noticed that AWS and Microsoft Azure cloud hosting services are often used at large scale by threat actors. According to their recently published report, these services are frequently used to host malicious websites.

The Consequences

Infrastructure laundering can have severe consequences. Threat actors are likely using stolen accounts, which may involve stolen or cracked credentials. This makes multifactor authentication (MFA) another potential way to mitigate this type of activity.

Mitigating the Risk

To mitigate the risk of infrastructure laundering, organizations should review the accounts with access, audit transactions, and educate people on how to spot potential malicious activity within their cloud accounts. By taking these steps, organizations can reduce the risk of falling victim to this type of malicious activity.
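
One way to start the account review on AWS, shown as an added example that is not part of the original article: the script below reads an IAM credential report (the CSV that AWS IAM can generate for an account) and lists users with console access but no MFA, plus active access keys that are stale or were never used. The sample rows are constructed, and the 90-day staleness threshold and the function name are assumptions chosen for illustration.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample rows in the column layout of an AWS IAM credential
# report; only the columns this check reads are included.
SAMPLE_REPORT = """user,arn,password_enabled,mfa_active,access_key_1_active,access_key_1_last_used_date
<root_account>,arn:aws:iam::111122223333:root,not_supported,false,false,N/A
alice,arn:aws:iam::111122223333:user/alice,true,true,true,2025-01-10T08:00:00+00:00
bob,arn:aws:iam::111122223333:user/bob,true,false,false,N/A
ci-deploy,arn:aws:iam::111122223333:user/ci-deploy,false,false,true,2024-03-01T12:00:00+00:00
old-svc,arn:aws:iam::111122223333:user/old-svc,false,false,true,N/A
"""

def audit_credential_report(report_csv, now, stale_after_days=90):
    """Return {user: [findings]} for accounts that deserve a manual review.

    stale_after_days is an assumed threshold, not an AWS default.
    """
    cutoff = now - timedelta(days=stale_after_days)
    findings = {}
    for row in csv.DictReader(io.StringIO(report_csv)):
        issues = []
        # The root row reports password_enabled as "not_supported", yet the
        # root user can always sign in to the console, so treat it as enabled.
        is_root = row["user"] == "<root_account>"
        if (is_root or row["password_enabled"] == "true") and row["mfa_active"] != "true":
            issues.append("console access without MFA")
        for n in (1, 2):  # a user can hold up to two access keys
            if row.get(f"access_key_{n}_active") != "true":
                continue
            last_used = row.get(f"access_key_{n}_last_used_date", "N/A")
            if last_used in ("N/A", "no_information"):
                issues.append(f"access key {n} active but never used")
            elif datetime.fromisoformat(last_used) < cutoff:
                issues.append(f"access key {n} unused for over {stale_after_days} days")
        if issues:
            findings[row["user"]] = issues
    return findings

if __name__ == "__main__":
    now = datetime(2025, 1, 15, tzinfo=timezone.utc)  # fixed date for the sample
    for user, issues in audit_credential_report(SAMPLE_REPORT, now).items():
        print(f"{user}: {'; '.join(issues)}")
```

Accounts flagged here are candidates for review, not confirmed compromises; pair the output with the transaction audit the article recommends.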
