Linux DDoS Bot Found in Amazon Cloud
Threat actors are actively exploiting a vulnerability in an older version of Elasticsearch software to plant distributed denial-of-service (DDoS) malware on Amazon Elastic Compute Cloud (EC2) services.
Elasticsearch is an open source search server that can be used to look for various types of documents; its advantages include scalability, near real-time search and support for multi-tenancy.
The security flaw, CVE-2014-3120, exists in the scripting capability of the software, which can be exploited to execute arbitrary code remotely on the server it is installed on. One solution for administrators that cannot perform an update would be to turn off this functionality, if possible.
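One way to check that this mitigation is in place, as an added example that is not part of the original article: it assumes Elasticsearch 1.x, where dynamic scripting is turned off with the `script.disable_dynamic` setting in `elasticsearch.yml`, and the sample configurations are constructed.

```python
import re

# Assumption: Elasticsearch 1.x setting that turns dynamic scripting off.
KEY = "script.disable_dynamic"

def flatten_settings(yml_text):
    """Flatten simple YAML (scalars and nested maps) into dotted keys."""
    settings, stack = {}, []              # stack: (indent, key) of open maps
    for raw in yml_text.splitlines():
        line = raw.split(" #", 1)[0].rstrip()        # drop trailing comments
        if not line.strip() or line.lstrip().startswith("#"):
            continue                                  # blank or commented out
        m = re.match(r"^(\s*)([^:\s][^:]*?)\s*:\s*(.*)$", line)
        if not m:
            continue
        indent, key, value = len(m.group(1)), m.group(2), m.group(3)
        while stack and stack[-1][0] >= indent:       # leave finished maps
            stack.pop()
        if value == "":
            stack.append((indent, key))               # start of a nested map
        else:
            dotted = ".".join([k for _, k in stack] + [key])
            settings[dotted] = value.strip("\"'")
    return settings

def dynamic_scripting_disabled(yml_text):
    """True only if the setting is present and explicitly 'true'.

    Conservative on purpose: a missing or commented-out key is reported
    as not mitigated, since the node then falls back to its default.
    """
    value = flatten_settings(yml_text).get(KEY)
    return value is not None and value.lower() == "true"

# Constructed sample configurations (not taken from any real host).
SAMPLE_FLAT = "cluster.name: search-prod\nscript.disable_dynamic: true\n"
SAMPLE_NESTED = 'script:\n  disable_dynamic: "true"   # mitigation\nhttp.port: 9200\n'
SAMPLE_COMMENTED = "cluster.name: search-prod\n# script.disable_dynamic: true\n"
SAMPLE_FALSE = "script.disable_dynamic: false\n"

if __name__ == "__main__":
    for name in ("SAMPLE_FLAT", "SAMPLE_NESTED", "SAMPLE_COMMENTED", "SAMPLE_FALSE"):
        ok = dynamic_scripting_disabled(globals()[name])
        print(f"{name}: {'mitigated' if ok else 'NOT mitigated'}")
```

A node reported as not mitigated still needs the update; the setting only removes the scripting path while the upgrade is pending.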