Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 1 Vote(s) - 4 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News Hackers Host Malicious payloads on Google Cloud Storage to Bypass Security System
[Image: hacker-attacking-internet-picture-id5408...kr6AmshcU=]

    Recently, malicious actors utilized Google Cloud Storage services in order to host malicious payloads to breach the security of organization's networks via bypassing their security controls. Their main point of attack was Google Cloud Storage's service domain, [storage.googleapis.com] which is utilized by many companies all over the world. 

  This campaign mainly targeted employees of banks and other services in the financial sectors which are based in the US and UK, and it is speculated that this campaign has been in operation since August of this year. The attack was first initiated via email, these emails had phishing links attached to them. These links all pointed to a malicious website that was hosted on the Google Cloud. It was later analyzed by researchers that over 4,600 phishing sites used legit hosting services. This is known as [reputation jacking]; where a malicious site hides behind a legit and recognized hosting service. 

  The payloads themselves consisted of malicious obfuscated VBS scripts, these same scripts seemed to belong to the Houdini malware family, one file in particular, a JAR file [Swift invoice.har] belongs to the aforementioned malware family. There are other JAR files that are being looked over, and these ones may belong to the Qrat malware family. 

  That was the news folks, have a good week, and stay safe out there. 

01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011

Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Google Project Zero Discloses Nasty Windows 0-Day Security Exploit Already In The Wi News 0 420 11-01-2020, 06:12 AM
Last Post: News
Star News Top tip, everyone: Chinese hackers are hitting these 25 vulns, so make sure you patc News 0 447 10-21-2020, 11:27 AM
Last Post: News
Star News Smashing Security podcast #200: Two flipping hundred News 0 422 10-15-2020, 09:28 AM
Last Post: News
Star News US Warns: Hackers Chaining Zerologon, Other Vulnerabilities News 0 432 10-11-2020, 01:15 PM
Last Post: News
Star News Top anti-virus, anti-malware products contain security flaws News 0 468 10-08-2020, 01:09 AM
Last Post: News
Star News Google warns of security holes in other vendors’ Android phones News 0 357 10-05-2020, 09:13 AM
Last Post: News
Star News Zoom adds Two-factor authentication (2FA) as extra layer of security News 3 1,291 09-29-2020, 07:01 PM
Last Post: JJAskiz
Star News Homeland Security Issues Urgent Windows Security Warning Over Zerologon Exploit News 0 438 09-21-2020, 09:26 AM
Last Post: News
Star News Google Adsense stopped working!!! Mr.Kurd 0 519 08-11-2020, 10:56 PM
Last Post: Mr.Kurd
Star News Google: Eleven zero-days detected in the wild in the first half of 2020 Mr.Kurd 0 626 08-02-2020, 10:49 PM
Last Post: Mr.Kurd

Users browsing this thread: 1 Guest(s)