Skip to main content

Malware Alert - Increasing Malware Attacks Using Cloud Resources and Targeting Companies

Release Date: 19 Mar 2024 3200 Views

Type: Malware

Malware Alert

Current Status and Related Trends

Threat intelligence indicates an increasing trend of malware attacks using cloud resources and targeting companies.

 

Fujitsu, one of the world's largest IT service providers, has reported that its systems were infected with malware, which resulted in a data breach and customer data theft. The malware attack infected work computers through an unconfirmed method, and the company is currently investigating the incident to determine the extent of the damage. [1]

 

In addition, a new malware campaign has been discovered that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult. The malware is designed to facilitate information theft, and the campaign has been found to target multiple victims. The malicious payload is embedded in a separate JSON file hosted on an external website, which uses an unorthodox HTML smuggling technique. [2]

 

Moreover, a malware campaign named DEEP#GOSU was employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. A notable aspect of the infection procedure is that it leverages legitimate services such as Dropbox or Google Docs for command-and-control (C2), thus allowing the threat actor to blend undetected into regular network traffic. [3]

 

These incidents highlight the increasing trend of malware attacks using cloud resources and targeting companies. It is crucial for organizations to implement robust cybersecurity measures to protect against such attacks, including regular software updates, employee training, and network segmentation.

 

Sources:

[1] Fujitsu found malware on IT systems, confirms data breach

[2] Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites

[3] New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics

HKCERT recommends that users should:

 

  • Organizations are advised to keep their systems and devices up-to-date with the latest security patches
  • Implement multi-factor authentication to prevent unauthorized access.
  • Use reputable antivirus software
  • Educate employees on how to identify and avoid phishing attacks
  • Be cautious when opening email attachments or clicking on links from unknown sources
  • Monitor and block any malicious traffic in the network
  • Monitor closely if the devices are connected to unknown accounts of cloud resources

Related Tags