"Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users"

"CLOUD#REVERSER," a new attack campaign, uses Google Drive and Dropbox to stage malicious payloads. Securonix researchers said CLOUD#REVERSER's VBScript and PowerShell scripts use Google Drive and Dropbox as staging platforms for managing file uploads and downloads. The scripts fetch files matching certain patterns, which suggests they are waiting for commands and scripts in Google Drive or Dropbox. The attack chain starts with a phishing email carrying a ZIP archive that contains an executable made to look like a Microsoft Excel file. This article continues to discuss findings regarding the CLOUD#REVERSER attack campaign.

THN reports "Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users"

Submitted by grigby1

Submitted by Gregory Rigby on