Hackers are wreaking havoc on Google’s Cloud infrastructure

June 9, 2020

Attackers use Google Firebase storage URLs to trick users into giving up their login credentials

According to Cyware, researchers at Trustwave recently discovered numerous hackers infecting users with malware by targeting them via Google's Cloud infrastructure.

A number of phishing campaigns uncovered by the team of researchers found that threat actors are using Google Firebase storage URLs to dupe users into giving up their login credentials.

By leveraging Google Cloud’s infrastructure in their campaigns, threat actors have attached Google Firebase storage URLs to various phishing emails. Once a user clicks on the Firebase link in the email, they are directed to a fake login page that requests their login credentials. Once an unsuspecting user has entered their credentials, she fake page shares them with the hackers.

Per Trustwave: “This phishing campaign although low in volume seems to be targeting a range of industries, as well as being detected by our spam traps. Some exemplar phishing messages used in this campaign are illustrated here. The major themes include payment invoice, upgrade email account, release pending messages, verify account, account error, change password, etc.”

Trustware also observed threat actors using the coronavirus pandemic and internet banking lures to trick victims into accessing fake vendor-payment forms designed to harvest users’ login credentials. Other tactics the hackers used included Microsoft Outlook and Office 365 phishing pages that harvest corporate login credentials.

“The use of cloud infrastructure is gaining popularity among cyber criminals as they are not easily flagged by security controls,” Cyware explained, adding, “Because of the large user base of Google cloud services, such phishing emails can often be overlooked by the security teams.”

To combat such phishing attempts, individuals and tech leaders should ensure that they’re up to date on hackers’ latest endeavors. As one might imagine, the more knowledgeable a user is, the better prepared they are to avoid falling victim to nefarious phishing campaigns.

Credits: https://www.itpro.co.uk/security/hacking/355854/hackers-wreaking-havoc-on-googles-cloud-infrastructure

Office Address

Unit 10, 394 Camden Road
London, N7 0SJ , UK



© 2024 INK Networks Ltd - Registered Company No 10221953

Pin It on Pinterest

Share This

Share this post with your friends!

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram