Researchers at FireEye have disclosed an ongoing Phishing campaign that’s using Dropbox as a delivery platform. The campaign is ran by a group that researchers have named “admin@338″ and it’s targeting media organizations in Hong Kong that publish pro-democracy materials. The attacks are using basic emails trapped with documents that deliver a malware payload called LowBall. The malware uses the Dropbox API with a hardcoded bearer access token and can upload, download, and execute files. FireEye worked with Dropbox to stop the campaign, but their efforts uncovered a second, likely related, attack.”]