Share

Hackers use Dropbox to spread malware

Cape Town - Cyber criminals are migrating their strategy to include cloud-based services to launch attacks on computers, new research has revealed.

In a post by security firm Trend Micro, the firm found that hackers had been manipulating online storage utility Dropbox to download command and control settings (C&C) for malware.

Given that the platform offers free and anonymous storage, it has been an ideal platform to host malware which could be used to launch attacks.

"When BKDR_PLUGX.ZTBF-A is executed, it performs various commands from a remote user, including keystroke logs, perform port maps, remote shell, etc., leading to subsequent attack cycle stages. Typically, remote shell enables attackers to run any command on the infected system in order to compromise its security," wrote Maersk Menrige, threats analyst at Trend Micro.

Dropbox has over 300 million users globally, and has been accelerating as internet access becomes more widely available. The platform offers 2GB of free online storage, requesting only an e-mail address.

Trend Micro discovered that in 2013, the service was abused to launch an attack against a Taiwanese government agency, but the latest instance indicates that cyber criminals are using Dropbox to update C&C settings.

"The use of Dropbox aids in masking the malicious traffic in the network because this is a legitimate website for storing files and documents.  We also found out that this malware has a trigger date of May 5 2014, which means that it starts running from that date. This is probably done so that users won’t immediately suspect any malicious activities on their systems," said Menrige.


- Follow Duncan on Twitter
We live in a world where facts and fiction get blurred
Who we choose to trust can have a profound impact on our lives. Join thousands of devoted South Africans who look to News24 to bring them news they can trust every day. As we celebrate 25 years, become a News24 subscriber as we strive to keep you informed, inspired and empowered.
Join News24 today
heading
description
username
Show Comments ()
Rand - Dollar
18.94
-0.2%
Rand - Pound
23.89
+0.0%
Rand - Euro
20.44
+0.1%
Rand - Aus dollar
12.34
+0.1%
Rand - Yen
0.13
-0.1%
Platinum
908.75
+1.3%
Palladium
1,014.28
+1.3%
Gold
2,219.42
+1.1%
Silver
24.83
+0.8%
Brent Crude
86.09
-0.2%
Top 40
68,346
+1.0%
All Share
74,536
+0.8%
Resource 10
57,251
+2.8%
Industrial 25
103,936
+0.6%
Financial 15
16,502
-0.1%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders