Apparently, spammers are following the current megatrend and moving to the cloud. I am used to getting tons of spam comments on this blog — but one of them catched my eye:
Author : ctgPi (IP: 79.125.XXX.XXX , ec2-79-125-XXX-XXX.eu-west-1.compute.amazonaws.com)
The IP address belongs to Amazon’s EC2 (elastic compute cloud) service – the textbook example of a cloud service (more specifically, a PaaS or Platform as a Service) — so it seems that the spammer uses Amazon’s cloud to send out spam comments to blogs.
There are “positive” and “negative” sides to this (from the perspective of a spam target, not from the spammer’s perspective):
Positive:
- The spammer is probably identifiable since he/she needs to have an Amazon account and a credit card registered with that account for payment.
- “No computers were harmed in the making of this spam comment” — the spammer is not using a botnet of hacked machines
Negative:
- The advantages of the cloud that apply to anyone using cloud services also apply to the spammer — most notably the ability to scale up and down quickly. In essence this means that a spammer can in a matter of seconds enlarge the fleet of computers (all with different IPs) he/she controls to send out a whole bunch of spam mails/comments/whatever at once.
Those that will probably suffer most from this trend are legitimate users of cloud services such as Amazon’s EC2: They risk getting banned by server operators since the IP space provided by the service also hosts severe spammers. In the long run, this is probably a problem that cloud providers such as Amazon have to tackle in general — which is going to be a challenge, especially doing so without negatively affecting legitimate users.
Tags: Cloud computing, Internet