Mitiga researchers are sounding the alarm over what they say is a growing threat vector tied to Amazon Web Services and its marketplace of pre-configured virtual servers. The danger is that threat actors can easily build malware-laced Community Amazon Machine Images and make them available to unsuspecting AWS customers. A malicious AMI was found in the wild running an infected instance of Windows Server 2008. The AMI in question was harboring a crypto miner generating Monero coins for unknown hackers on a financial institution’s EC2 for the past five years.
Source: https://threatpost.com/malicious-aws-community-amis/158555/