Cybersecurity Firm Issues Warning Over Hidden Monero Malware on AWS Marketplace

Cybersecurity firm Mitiga has discovered hidden Monero mining malware on an Amazon Web Services (AWS) community marketplace product. 

According to a report by Business Wire, Mitiga announced on Friday that it had discovered hidden malicious code in an Amazon Machine Instance (AMI) available via the AWS marketplace. The security firm issued the recommendation that all AWS customers running community AMIs verify their products for possible malware. 

While the community marketplace is comprised of vendors certified by AWS, any user can create an AMI to offer virtualized services, applications, and operating systems. 

The AWI malware represents another instance of “cryptojacking,” where a program is used to infect an unknowing user’s device in order to mine crypto.




A report by The Block shows screenshots of a Windows Server 2008 program containing code for a Trojan malware that hijacks a computer’s processing power to mine Monero. Mitiga claims to have reached out to Amazon over the malicious program but has yet to receive a response. 

Ofer Maor, co-founder and CTO of Mitiga, told The Block:

There are thousands and thousands of Community AMIs and there are no details as to download amounts, who published them etc. Do you see how problematic this thing is?

The official AWS website notes that the use of community AMIs carries their own risk, and that Amazon “can’t vouch for the integrity or security of AMIs” shared by other users. 

Featured Image Credit: Photo via Pixabay.com