Microsoft OneDrive falling prey to malware attacks

khushaartanveer@gmail.com' By: Khushaar Tanveer
2 minute read

According to a recent analysis by Forcepoint Security Labs, Microsoft’s OneDrive for business has fallen victim to cyber criminals and has been exploited by malware and phishing attacks.

The cloud-based service, OneDrive, has been called out for sending cloud-storage links that host malware to victims, an efficient way for cyber criminals to operate. The reason for operating under a renowned name is because users will most likely trust a well-reputed and genuine source website.

The initiation of attacks was traced back to August of this year, which includes the exploitation of the MySite feature that is used for sharing and uploading business-related data with external or internal parties. Download links are sent to prospective victims as part of mass-mailing campaigns.

By clicking on this type of link, an infected archive file or executable file that includes a JavaScript downloader will be downloaded on a user’s system with dire repercussions. The research concluded that most attachments hosted on OneDrive for Business are infected with malware such as Dridex and Ursnif. Densely affected areas are Australia and the United kingdom, with 55% of emails sent to the former and 40% sent to British citizens shown by the most recent records.

ForcePoint has provided a sample of the scam which follows the typical approach of using an invoice linked in the OneDrive for Business account to try to fool the victim into opening it.

Moreover, given the extent of personal and sensitive data users tend to store on their OneDrive accounts, cyber criminals could be getting access to potentially valuable details, so it’s essential for businesses to take necessary actions and secure their accounts.

“The abuse of online cloud storage services are a cost effective and highly disposable approach for cybercriminals to spread malware,” says Forepoint researcher Rolan Dela Paz writing on the company’s blog. “However, as this tactic already known to many people nowadays, cybercriminals may be looking for alternative ways to keep their social engineering ploys effective. The abuse of Microsoft OneDrive for Business service may aid them in this case. Since it is a paid service for businesses, malicious download links hosted by the platform adds a layer of ‘trust’ to prospective victims to inadvertently downloading malware”.

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading

Discussions