"Hackers Abuse Google Cloud Run in Massive Banking Trojan Campaign"

According to Cisco Talos researchers, hackers are abusing the Google Cloud Run service to spread massive amounts of banking Trojans such as Astaroth, Mekotio, and Ousaban. Google Cloud Run allows users to deploy frontend and backend services, websites, and applications, as well as manage workloads, without the need for infrastructure management or scaling. Cisco Talos researchers noticed a significant increase in the use of Google's service for malware distribution beginning in September 2023, when Brazilian actors launched campaigns involving MSI installer files to deploy malware payloads. Google Cloud Run has recently gained popularity among cybercriminals due to its low cost and ability to evade standard security blocks and filters. This article continues to discuss hackers abusing Google Cloud Run in a banking Trojan campaign.

Bleeping Computer reports "Hackers Abuse Google Cloud Run in Massive Banking Trojan Campaign"

Submitted by grigby1