Cloud services easily abused for absent verification

1 minute read

Cloud services easily abused for absent verification

Free cloud services can easily be abused because many of them lack more secure verification processes. Bishop Fox researchers Rob Ragan and Oscar Salazar demonstrated that services like Dropbox and Google Apps can be used as botnets.

The researchers signed up for hundreds of cloud services by automating the email verification process. After registering their mail accounts, they had control over hundreds of virtual machines that could be used as a botnet for massive port scanning and crypto currency mining.

SMS authentication

The researchers wanted to demonstrate what would happen if criminals use free cloud services for illegal activities. Salazar and Ragan presented their findings in their presentation ‘Cloud Ninja: Catch Me If You Can’ during the RSA Conference in San Francisco.

They could abuse two-thirds of the 150 cloud services available. Amazon has secured its cloud service by implementing strong authentication through SMS. The researchers advise the other cloud services to follow Amazon’s example.

About CM:

Companies are always looking for the best way to reach their consumers and the rise of mobile technology offers them new opportunities to achieve this goal.

Founded in 1999, CM helps companies to interact with their customers through a multi-use mobile platform for SMS, Email and Appcare.

In addition to various messaging services, the platform also provides solutions for calling through SIP trunking, payment options for companies like Autocollect and online identification solutions such as two-factor authentication(2FA).

We offer a hybrid solution for companies to reach their target audience, anytime and anywhere.

More on SMS

Enjoyed this article? Please share the news!

Continue reading

Next CM experiences successful and inspiring Mobile World Congress
Previous Mobile World Congress: Whatsapp announces voice
Back To news overview

Related articles

Webinar: Improve your IT security with Tokenless Authentication via SMS
Webinar Quality tokenless authentication using SMS
Two Factor Authentication: How & why
“Too little awareness for securing our mobile devices”
Whitepaper 2FA: Unlocking Security Potential through your mobile phone

About the author

Charlotte van Raak is content marketer and makes sure our readers always have interesting blogs to read about how to engage with customers. During the day, she answers 1K questions in her role as communications advisor. At night she preferably sleeps.

Connect with Charlotte on