Malware Alert - Increasing Malware Attacks Using Cloud Resources and Targeting Companies

Malware Alert

Current Status and Related Trends

Threat intelligence indicates an increasing trend of malware attacks using cloud resources and targeting companies.

Fujitsu, one of the world's largest IT service providers, has reported that its systems were infected with malware, which resulted in a data breach and customer data theft. The malware attack infected work computers through an unconfirmed method, and the company is currently investigating the incident to determine the extent of the damage. [1]

In addition, a new malware campaign has been discovered that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult. The malware is designed to facilitate information theft, and the campaign has been found to target multiple victims. The malicious payload is embedded in a separate JSON file hosted on an external website, which uses an unorthodox HTML smuggling technique. [2]

Moreover, a malware campaign named DEEP#GOSU was employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. A notable aspect of the infection procedure is that it leverages legitimate services such as Dropbox or Google Docs for command-and-control (C2), thus allowing the threat actor to blend undetected into regular network traffic. [3]

These incidents highlight the increasing trend of malware attacks using cloud resources and targeting companies. It is crucial for organizations to implement robust cybersecurity measures to protect against such attacks, including regular software updates, employee training, and network segmentation.

Sources:

[1] Fujitsu found malware on IT systems, confirms data breach

[2] Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites

[3] New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics