The “Threat Horizon” report shows that hackers are targeting the cloud. Russia has launched a Gmail phishing campaign and North Korea is posing as Samsung.
Google found that most of the attempts to hack its Cloud Platform were for cryptocurrency mining.
Within 22 seconds of a compromised account, the crypto mining software was downloaded.
The report claims that most of the time (75%) poor security practices result in a breach. I hope you enjoyed these examples. Use them to make your second grader’s understanding of basic English more concrete!
The most common reason for hackers to access cloud service accounts was weak or no password (48%).
Russian interference
The article says that hackers known as Fancy Bear also known as APT28 targeted Gmail users.
The attacker targeted around 12,000 accounts in a phishing campaign. The attacker attempted to mimic Google’s ‘government-backed hacker alerts’ to entice victims into revealing their credentials.
A report claims that the campaign will be specifically targeted in the United States, the United Kingdom, India, Canada, Russia, Brazil, and members of the European Union. Other targeted regions include members of the European Union.
Last month Google issued a warning to 14,000 Gmail users. The warning was issued by the same hacking group that violated their accounts in June. They are using this notice to try to go after users again.
Google supposedly blocked messages by Fancy Bear. Thus, no compromise of credentials.
North Korean endeavors
The report also describes how North Korean government-supported groups hacked into the systems of multiple South Korean companies that sell anti-malware software.
Threat actors were posing as representatives from Samsung. According to the Google email, an alleged job description was included in a PDF file.
The PDFs were corrupted. When the targets replied that they could not open the job description, the attackers responded with a malicious link.
The link directed victims to a Google Drive account with malware on it. Google has supposedly blocked this account.
إرسال تعليق