This past Wednesday, researchers from CA reported what they described as the "first instance" of a malicious website hosted on Amazon's EC2 cloud service. But contrary to the reports, malware distributed via Amazon's cloud-based services isn't a new phenomenon - it's been happening in steady doses since at least June 2007 on Amazon's S3 service and since February 2008 on Amazon's EC2 service. Antivirus vendor Sophos even reported on one of the earlier EC2 attacks in July 2008.

In the past three years, ScanSafe has recorded 80 unique malware incidents involving amazonaws, 45 of which were in 2009, 13 in 2008, and 22 in 2007.

Unlike real estate, when it comes to malware, location is no guarantee of security. A link to a file hosted on amazonaws should be treated as catiously as an unexpected link pointing to any other unfamiliar source. On the plus side, when malware is distributed through amazonaws, it's significantly easier to put a stop to it. As Amazon explains, "Abusers who choose to run their software in an environment like Amazon EC2, make it easier for us to access and disable their software."