Cybercriminals are increasingly abusing legitimate cloud hosting services in malware campaigns, according to security experts.

Microsoft recently detailed such attacks in a Twitter thread.

“In the past weeks, researchers have noted the increased abuse of legitimate cloud hosting services in malware campaigns. Microsoft threat intelligence shows this trend persists, w/ a number of known malware incl. BazarLoader, Zloader, Lightbot, Hancitor, etc. using the technique,” tweeted the official Microsoft Security Intelligence account.

According to experts, these email campaigns use a wide range of topics to lure victims. These include “threats of job dismissal, exposing illegal activity, other fear tactics,” Microsoft security experts said.

Also read: Microsoft launches programme for health-tech start-ups, collaborates with Social Alpha

These emails would contain links that lead to a malicious document or archive file hosted on a legitimate service. Downloading and opening the file leads to the payload.

The Microsoft Security Intelligence team further shared an example of one such campaign that used the Google Drive service.

The campaign used password-protected .zip files hosted on Google Drive, with the password in the email.

Also read: Cyber frauds to see an uptick in India in 2021: Report

Users should avoid clicking on suspicious links and leverage advanced security tools to protect themselves from such malware attacks.

“To help protect against these attacks, Microsoft Defender for Office 365 uses machine learning and detonation technology to automatically analyse new and unknown threats in real time, backed by Microsoft researchers closely monitoring the trend to ensure continued coverage,” Microsoft tweeted.

Related Topics
comment COMMENT NOW