AWS has something of a malware problem, with the number of infected websites hosted on its cloud more than doubling in the last six months.

NTT’s subsidiary Solutionary revealed the findings in its latest Security Engineering Research Team (SERT) report on Tuesday. It said that among the top ten ISPs and hosting companies, the proportion of malware-hosting sites housed on AWS servers rose from 16 percent in 2013 to 41 percent by the end of Q2 this year.

But AWS isn’t the only one guilty of allowing net nasties to fester. Others saw malware increase too. For instance, malware on the European web host OVH rose from 10 to 13 percent, while Akamai saw a rise from 9 to 12 percent, and Google’s infection rate rose from 6 to 9 percent. The best performing well known web hosting company was GoDaddy, which saw malware on its servers decline from 14 percent to just 2 percent.

But AWS remains by far and away the most popular host for malware, as was the case in the SERT’ report in Q4 of last year. One obvious reason for this is AWS’ massive size and popularity, not too mention its super cheap prices that allow even the tightest of hackers to deploy server images in AWS cloud.

Speaking to The Register, Solutionary’s Chad Kahl said that cloud instances are super easy to provision on major web hosters like Amazon and GoDaddy. He pointed out that in many cases cybercriminals won’t need to do this, as “they can buy an entire command-and-control infrastructureand a phishing website to set up, and a drive-by-download website to set up.”

Another problem that web hosters have is cyber criminal’s tendencey to flit between different providers, bouncing between web hosts, ISPs and proxy hosts located in different countries to try and avoid detection.

Moreover, clearing up their infrastructure would be a very costly task for any of the above-mentioned providers, and so it would be difficult for them to justify doing so.

“The question is can these providers put the infrastructure in to scan everything?” asked Kahl. “When we’re talking about someone as big as Amazon or GoDaddy it would be a significant investment both in architecture and in time to go through and monitor everything as it’s being put up – regular scans – to detect everything and take down these groups.”

Image credit: Nemo via Pixabay.com