Dangling Resources Abuse on Cloud Platforms - Identifying and Analyzing Real-Life Hijacks

Explore groundbreaking research on cloud resource hijacking in this 19-minute conference talk from NSDI '24. Discover the first-ever identification of real-life cloud resource hijacks, revealing surprising insights that challenge previous assumptions. Learn how attackers primarily target freetext records rather than IP addresses, and understand the difficulties in detecting these hijacks. Examine the novel approach developed to differentiate between malicious and legitimate modifications, uncovering over 20,000 instances of hijacked resources on popular cloud platforms. Investigate the persistence of these hijacks and the unexpected ways attackers abuse them, with a focus on blackhat search engine optimization. Gain valuable knowledge about the clustering of abuse resources and content, identifying approximately 1,800 individual attacking infrastructures.

NSDI '24 - Cloudy with a Chance of Cyberattacks: Dangling Resources Abuse on Cloud Platforms