Russian Hackers Behind SolarWinds Are Now Hiding Malware In Google Drive

Friday July 22, 2022, 03:00 PM, from Slashdot
An anonymous reader quotes a report from TechCrunch: The Russia-linked hacking group behind the infamous SolarWinds espionage campaign is now using Google Drive to stealthily deliver malware to its latest victims. That's according to researchers at Palo Alto Networks' Unit 42 threat intelligence team, who said on Tuesday that the Russian Foreign Intelligence Service (SVR) hacking unit -- tracked as 'Cloaked Ursa' by Unit 42 but more commonly known as APT29 or Cozy Bear -- has incorporated Google's cloud storage service into its hacking campaigns to hide their malware and their activities.

APT29 has used this new tactic in recent campaigns targeting diplomatic missions and foreign embassies in Portugal and Brazil between early May and June 2022, according to Unit 42. 'This is a new tactic for this actor and one that proves challenging to detect due to the ubiquitous nature of these services and the fact that they are trusted by millions of customers worldwide,' the researchers said. 'When the use of trusted services is combined with encryption, as we see here, it becomes extremely difficult for organizations to detect malicious activity in connection with the campaign.' Unit 42 disclosed the activity to both Dropbox and Google, which took action. In May, the group was found to be using Dropbox in a campaign targeting diplomats and various government agencies. A Dropbox spokesperson told TechCrunch it disabled the accounts immediately.

Read more of this story at Slashdot.
https://it.slashdot.org/story/22/07/22/039251/russian-hackers-behind-solarwinds-are-now-hiding-malwa...