Cybercriminals and states-sponsored hackers are leveraging Google Drive site and other cloud storage to operate in a stealthy way and avoid detection.
Cybercriminals and attackers are exploiting once again Google Drive infrastructure to avoid detection. The exploitation of Google Drive cloud storage by cyber criminals is not a novelty, a few days ago experts at TrendMicro detected uncovered a sophisticated phishing campaign that was organized to syphon sensitive data from victims.This time, cyber criminals have published a modified version of the legitimate Google Drive login page to steal email credentials from victims. The researchers consider the attack an improved version of the cyber attacks discovered early this year.
As usual the attacks starts with a phishing email containing a link to a bogus Google Drive site that allows victims to log in using different email services, including Yahoo and Hotmail.
http://securityaffairs.co/wordpress/wp-content/uploads/2014/10/fake-google-drive.jpg
Full Article