- AhnLab Security Intelligence Center (ASEC) has been consistently sharing cases of attacks that collect user information or distribute malware using cloud services such as Google Drive, OneDrive, and Dropbox.
- The attackers primarily upload malicious scripts, RAT malware, decoy document files, and other files to cloud servers to carry out the attacks.
- The uploaded files work together to perform various malicious activities.
- The process from the initial distribution file to the execution of the final RAT malware involves multiple connected files, all operating through the attacker’s cloud.
- This type of attack poses a risk of downloading undetected malware or stealing information.
- For more information, refer to the post Cloud storage를 활용하는 APT 공격 on the ASEC BLOG.
https://asec.ahnlab.com/ko/65684/