Amazon cloud could be hijacked to harvest BitTorrent files, researcher says
Techworld.com - Cloud services are now vulnerable to malicious use, a security company has suggested, after a techie worked out how Amazon.com Inc.'s EC2 service could be used as a BitTorrent file harvester and host.
Amazon's Elastic Compute Cloud (EC2) is a Web service that software developers can use to access computing, compilation and software trialling power on a dynamic basis, without having to install the resources locally.
Developer Brett O'Connor has come up with a method for using the same service to host an open-source BitTorrent application called TorrentFlux.
Getting this up and running on Amazon would require some technical know-how, but would be within the reach of a moderately experienced user, right down to following O'Connor's command line lowdown on how to install the public TorrentFlux application straight to Amazon's EC2 rather than a user's local machine.
Finding an alternative way of using BitTorrent matters to hardcore file sharers because Internet service providers and administrators alike are increasingly keen to block such bandwidth-eating traffic on home and business links, and O'Connor's EC2 guide was clearly written to that end -- using the Amazon service would make such blocking unlikely.
"I created a Web-based, open-source BitTorrent 'machine' that liberated my network and leveraged Amazon's instead," said O'Connor. He then quipped, "I can access it from anywhere, uploading Torrent files from wherever, and manage them from my iPhone."
However, security company Global Secure Systems Corp. (GSS) claimed that the guide shows the scope for possible abuse, using EC2 to host or 'seed' non-legitimate BitTorrent file distribution.
"This means that hackers and other interested parties can simply use a prepaid -- and anonymous -- debit card to pay the $75 a month fee to Amazon and harvest BitTorrent applications at high speed with little or no chance of detection," said David Hobson, managing director of GSS.
"The danger here is that companies may find their staff FTPing files from Amazon EC2 -- a completely legitimate domain -- to the firm's computers, resulting in an internal computer infection. The consequences of this do not bear thinking about," he continued.
Despite a certain amount of Internet comment on the 'O'Connor method', Amazon.com has yet to respond publicly to the issue. Amazon already supports the BitTorrent protocol through its Simple Storage Service (S3), though a heavy user would likely find this service much more expensive than EC2.
It's not clear that O'Connor's clever work-out represents anything new in principle, but it does raise the issue of how cloud computing providers plan to monitor and manage what their services are being used for. There is no suggestion that O'Connor intended the method to be used improperly.
In addition to being a notorious way of sharing software, music and video illegally, BitTorrent has also become an occasional channel for malware distribution. The assumption has always been that non-torrent channels would simply be an easier way to distribute malware to a mass audience, but this week's packing of an Apple Trojan horse inside a torrent supposedly distributing pirated copies of Apple Inc.'s iWork 09 suggests this view might be out of date.
Reprinted with permission from