Safety researchers have revealed a sequence of prison campaigns that exploit cloud storage providers similar to Amazon S3, Google Cloud Storage, Backblaze B2 and IBM Cloud Object Storage.
These campaigns, pushed by unnamed menace actors, goal to redirect customers to malicious web sites to steal their data utilizing SMS messages.
Based on a technical write-up printed by Enea at present, the attackers have two main objectives.
First, they wish to be sure that rip-off textual content messages are delivered to cellular handsets with out detection by community firewalls. Second, they search to persuade finish customers that the messages or hyperlinks they obtain are reliable.
By leveraging cloud storage platforms to host static web sites with embedded spam URLs, attackers make their messages seem reputable and keep away from widespread safety measures.
Cloud storage providers permit organizations to retailer and handle information and host static web sites by storing web site belongings in a storage bucket. Cybercriminals have exploited this functionality by embedding spam URLs in static web sites saved on these platforms.
They distribute URLs linking to those cloud storage websites by way of SMS, which frequently bypass firewall restrictions as a result of perceived legitimacy of well-known cloud domains. As soon as customers click on on these hyperlinks, they’re redirected to the malicious websites with out their information.
As an illustration, the Google Cloud Storage area “storage.googleapis.com” was utilized by attackers to create URLs that hyperlink to spam websites. The static webpage hosted in a Google Cloud bucket employs HTML meta refresh strategies to redirect customers to rip-off websites instantly. This methodology permits cybercriminals to lure customers to fraudulent web sites that always mimic reputable affords, similar to reward card promotions, to steal private and monetary data.
Learn extra on the exploitation of cloud providers: Predator AI ChatGPT Integration Poses Danger to Cloud Companies
Enea has additionally noticed comparable techniques with different cloud storage providers like Amazon Internet Companies (AWS) and IBM Cloud, the place URLs in SMS messages result in static web sites internet hosting spam.
To defend in opposition to threats like these, Enea really helpful monitoring site visitors habits, inspecting URLs and being cautious of surprising messages containing hyperlinks.
