Google Drive trojan fling

Cybercrooks have taken to using a combination of shortened links and a shared file hosted on Google Drive to deliver the 9002 trojan, a cyber-espionage threat.

The use of Google Drive to host malicious files is uncommon but far from unprecedented. Palo Alto Networks’ threat intelligence group, Unit 42, reckons that use of a well-known hosting platform may allow the downloading of a payload to blend into other legitimate traffic.

The hackers behind the 9002 trojan are still use spear phishing as their primary attack method. The use of a URL shortening service and a redirection server further aids the chances of a successful attack because of the way link shorteners obfuscate link content. ®

Biting the hand that feeds IT © 1998–2019