"Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users"
"Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users"
"CLOUD#REVERSER," a new attack campaign, uses Google Drive and Dropbox to stage malicious payloads. Securonix researchers said the CLOUD#REVERSER's VBScript and PowerShell scripts use Google Drive and Dropbox as staging platforms for managing file uploads and downloads. The scripts fetch files matching certain patterns, which suggests they are waiting for commands and scripts in Google Drive or Dropbox. A phishing email with a ZIP archive file containing a Microsoft Excel file-looking executable starts the attack chain.