Exploiting cloud storage to host static websites with links spread via SMS messages.
Cyber-criminal campaigns exploit major cloud storage services to redirect users to malicious websites in order to steal information.
According to research by Enea, a URL linking to the cloud storage is distributed via text messages, which appear to be authentic and can therefore bypass firewall restrictions.
The SMS messages commonly offer incentives to click, such as winning prizes and claiming gift cards.
However the facility provided by cloud storage to host static websites is exploited - so when a recipient of the SMS clicks on the link, they are directed to the static website stored in the storage bucket.
This website then automatically forwards or redirects users to the embedded spam URLs or dynamically generated URLs using JavaScript, all without the user’s awareness.
Platforms such as Amazon S3, Google Cloud Storage, Backblaze B2, and IBM Cloud Object Storage have been detected as being exploited here.
Dan Raywood is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity for the past 15 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
Dan Raywood is a seasoned B2B journalist with over 20 years of experience, specializing in cybersecurity for the past 15 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes. Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
Streamlining the lifecycle of joiners, movers, and leavers using no-code automation
An error occurred trying to play the stream. Please reload the page and try again.
CloseRegistering with SC Media is 100% free. Join tens of thousands of cybersecurity leaders today and gain access to the latest analysis shaping the global infosec agenda.
