Summary: A report by Silent Push reveals that a China-linked Content Delivery Network (CDN) named FUNNULL is misusing major cloud services like AWS and Microsoft Azure to run a range of malicious websites. FUNNULL employs “infrastructure laundering” to hide its activities and continuously acquire new IP addresses while evading detection. The report highlights the urgent need for improved security measures and cooperation among cloud providers to combat this escalating threat.
Affected: Amazon Web Services (AWS), Microsoft Azure
Keypoints :
- FUNNULL uses infrastructure laundering to rent IP addresses from reputable cloud providers for malicious purposes.
- The CDN hosts numerous fraudulent websites that scam users into providing sensitive information, such as personal and financial details.
- Current security measures by cloud providers need enhancement to effectively address and prevent infrastructure laundering activities.