The cloud-based service, OneDrive, has been called out for sending cloud-storage links that host malware to victims, an efficient way for cyber criminals to operate. The reason for operating under a renowned name is because users will most likely trust a well-reputed and genuine source website. The initiation of attacks was traced back to August of this year, which includes the exploitation of the MySite feature that is used for sharing and uploading business-related data with external or internal parties. Download links are sent to prospective victims as part of mass-mailing campaigns. By clicking on this type of link, an infected archive file or executable file that includes a JavaScript downloader will be downloaded on a user’s system with dire repercussions. The research concluded that most attachments hosted on OneDrive for Business are infected with malware such as Dridex and Ursnif. Densely affected areas are Australia and the United kingdom, with 55% of emails sent to the former and 40% sent to British citizens shown by the most recent records. ForcePoint has provided a sample of the scam which follows the typical approach of using an invoice linked in the OneDrive for Business account to try to fool the victim into opening it. Moreover, given the extent of personal and sensitive data users tend to store on their OneDrive accounts, cyber criminals could be getting access to potentially valuable details, so it’s essential for businesses to take necessary actions and secure their accounts.

Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ