Threat actors look with great interest at cloud services that could be abused for several malicious purposes, like storing malware or implementing command and control servers.
Security researchers already spotted some malware hosted on the Microsoft Azure platform.
Researchers at AppRiver observed attackers deploying malware on the Microsoft Azure platform, the bad news is that those malicious codes were not removed after some weeks, on May 29.
“Now the attacks have escalated to malware being hosted on the Azure service. Not only is Azure hosting malware, it is also functioning as the command and control infrastructure for the malicious files” reads the analysis published by AppRiver.
“On May 11, 2019, malware researchers @JayTHL & @malwrhunterteam discovered the malicious software on Azure. It was reported to Microsoft on May 12 for abuse via ticket #SIR0552640. However, the original malware (plus additional samples uploaded since) still resided on the Azure site as of May 29, 2019 – 17 days later.”
Experts pointed out that Azure is failing to detect the malware hosted on Microsoft’s servers.
“No service is infallible to being attacked or exploited. It’s evident that Azure is not currently detecting the malicious software residing on Microsoft’s servers. However, if a user attempts to download the
In one case, a sample named searchfile.exe was uploaded to VirusTotal on April 26, 2019. Even is Windows Defender detects the malware its presence on Azure is not currently blocked. Unfortunately, experts reported many other similar cases.
Experts believe that this trend will continue to grow, threat actors will not only abuse Microsoft Azure, but other cloud services (i.e. Google Drive, Dropbox, and Amazon) will be exploited by attackers to avoid detection.
(SecurityAffairs – Microsoft Azure, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.