A campaign that uses public cloud service providers to spread malware has been discovered by Cisco Talos. The offensive is the latest example of threat actors abusing cloud services like Microsoft Azure and Amazon Web Services for malicious purposes, security researchers Chetan Raghuprasad and Vanja Svajcer wrote in the Talos blog.
To camouflage their activity, the researchers noted, the hackers used the DuckDNS dynamic DNS service to change the domain names of the command-and-control hosts used for the campaign, which started distributing variants of Nanocore, Netwire, and AsyncRATs to targets in the United States, Italy and Singapore, starting around October 26. Those variants are packed with multiple features to take control of a target’s computer, allowing it to issue commands and steal information.
More Stories
Ransomware Attacks Surge to Record High in December 2024
NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded Read More
AI Will Write Complex Laws
Artificial intelligence (AI) is writing law today. This has required no changes in legislative procedure or the rules of legislative...
Major Cybersecurity Vendors’ Credentials Found on Dark Web
Cyble has found thousands of security vendors' credentials on the dark web, likely pulled from infostealer logs Read More
Account Compromise and Phishing Top Healthcare Security Incidents
Netwrix claims 84% of healthcare organizations detected a cyber-attack in the past year Read More
Cloudflare Mitigates Record-Breaking 5.6Tbps DDoS Attack
Cloudflare warns of a surge in hyper-volumetric DDoS after revealing it stopped a massive 5.6Tbps attack Read More
Half a million hotel guests at risk after hackers accessed sensitive data
The personal information of almost half a million people is now in the hands of hackers after a security breach...