Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users

A new attack campaign known as CLOUD#REVERSER has been observed staging malware payloads on reputable cloud storage services like Dropbox and Google Drive.

Securonix researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov stated in a report shared with The Hacker News that the VBScript and PowerShell scripts in the CLOUD#REVERSER campaign inherently involve command-and-control-like activities by using Google Drive and Dropbox as staging platforms to manage file uploads and downloads.

Because the scripts are made to retrieve files that fit particular patterns, it is possible that they are awaiting instructions or scripts that have been stored in Dropbox or Google Drive.

The attack chain begins with a phishing email carrying a ZIP archive, which contains an executable that poses as a Microsoft Excel file.
