Blog | G5 Cyber Security

Phishing Attacks Enlist Amazon AWS, Microsoft Azure in Ploys

An ongoing phishing campaign is hosting its landing pages on enterprise-class public cloud storage services. The landing page uses JavaScript encoding, according to the analysis, with multiple layers. The attackers are also layering on various obfuscation techniques, including multibyte XOR encoding. This is a continuation of adversaries growing interest in public cloud buckets, researchers said. Use of enterprise cloud services is still a fledgling technique, Proofpoint researchers said, but they warned that defenders should be aware that cloud storage is growing attack tool.

Source: https://threatpost.com/phishing-amazon-aws-s3-cloud-buckets/147111/

Exit mobile version