Satoshi Nakamoto Blog
Image default
Uncategorized

Attackers Use Google Cloud to Target US, UK Banks



Employees at financial services firms hit with an email attack campaign abusing a Google Cloud storage service.

A malicious email campaign has been found abusing a Google Cloud Storage service to host a payload sent to employees of financial services organizations, Menlo Labs researchers report.

The threat appears to have been active in the US and UK since August 2018. Victims receive emails containing links to archive files; researchers say all instances in this particular campaign have been .zip or .gz files. All cases involve a payload hosted on storage.googleapis.com, which appears to be related to Google’s cloud storage service but is, in fact, a malicious link.

Attackers often use this domain to host payloads because it’s trusted and likely to bypass security controls in commercial threat detection products. These actors may have chosen bad links in lieu of malicious attachments because many email security products are designed to detect files and only pick up on malicious URLs if they’re already in their threat repositories.

The use of a link resembling Google’s cloud storage service is a form of “reputation jacking,” a tactic in which attackers abuse well-known hosting services to evade detection. It’s a growing trend, researchers say: In its annual analysis of the top 100,000 domains as ranked by Alexa, Menlo Labs found 4,600 phishing sites that used legitimate hosting services.

Read more details here.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

More Insights





Source link

Related posts

Other Market Protections Needed Before Bitcoin ETF Approval

satoshi

Report: Blockchain technology can help Kenya win graft war

satoshi

Facebook’s blockchain cryptocurrency could mean big money – and kill ‘fake news’

satoshi

A former head of election integrity operations at Facebook says the company's business model and ad targeting tools make it hard for it to not harm democracy (Yaël Eisenstat/Washington Post)

satoshi

‘Smart shirt’ can accurately measure breathing and could be used to monitor lung disease

satoshi

An amateur developer made an Excel spreadsheet that runs Civilization

satoshi