Hackers are wreaking havoc on Google’s Cloud infrastructure

Attackers use Google Firebase storage URLs to trick users into giving up their login credentials

According to Cyware, researchers at Trustwave recently discovered numerous hackers infecting users with malware by targeting them via Google's Cloud infrastructure.

A number of phishing campaigns uncovered by the team of researchers found that threat actors are using Google Firebase storage URLs to dupe users into giving up their login credentials.

Advertisement - Article continues below

By leveraging Google Cloud’s infrastructure in their campaigns, threat actors have attached Google Firebase storage URLs to various phishing emails. Once a user clicks on the Firebase link in the email, they are directed to a fake login page that requests their login credentials. Once an unsuspecting user has entered their credentials, she fake page shares them with the hackers.

Per Trustwave: “This phishing campaign although low in volume seems to be targeting a range of industries, as well as being detected by our spam traps. Some exemplar phishing messages used in this campaign are illustrated here. The major themes include payment invoice, upgrade email account, release pending messages, verify account, account error, change password, etc.”

Trustware also observed threat actors using the coronavirus pandemic and internet banking lures to trick victims into accessing fake vendor-payment forms designed to harvest users’ login credentials. Other tactics the hackers used included Microsoft Outlook and Office 365 phishing pages that harvest corporate login credentials.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

“The use of cloud infrastructure is gaining popularity among cyber criminals as they are not easily flagged by security controls,” Cyware explained, adding, “Because of the large user base of Google cloud services, such phishing emails can often be overlooked by the security teams.”

To combat such phishing attempts, individuals and tech leaders should ensure that they’re up to date on hackers’ latest endeavors. As one might imagine, the more knowledgeable a user is, the better prepared they are to avoid falling victim to nefarious phishing campaigns.

Featured Resources

Key considerations for implementing secure telework at scale

Identifying the security risks and advanced requirements of a remote workforce

Download now

The State of Salesforce 2020

Your guide to getting the most from Salesforce

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Rethink your cybersecurity strategy for the new world

5 steps to secure the enterprise and be fit for a flexible future

Download now
Advertisement

Recommended

Infostretch is now an AWS advanced consulting partner
Amazon Web Services (AWS)

Infostretch is now an AWS advanced consulting partner

4 Aug 2020
Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020
British teenager charged over Twitter hack
hacking

British teenager charged over Twitter hack

3 Aug 2020
Mid-year report says vulnerabilities up 22% in 2020
hacking

Mid-year report says vulnerabilities up 22% in 2020

30 Jul 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
Police use of facial recognition ruled unlawful in the UK
privacy

Police use of facial recognition ruled unlawful in the UK

11 Aug 2020