Australians main target of OneDrive malware campaign


By Dylan Bushell-Embling
Monday, 28 November, 2016

Australians main target of OneDrive malware campaign

Australians are the main target of a new malware campaign involving compromised Microsoft 365 OneDrive for Business accounts, research from Forcepoint Security shows.

The security company has identified an attack method involving compromising the personal URLs assigned to each registered employee of the Microsoft cloud storage service, known as MySite, and using the compromised accounts to spread malware.

Generated download links are then included in mass-mailing campaigns, which are being used to further distribute malware. Multiple malware families are being distributed using this method, Forcepoint said, including Dridex and Ursnif.

The resulting malicious link includes the domain name of the compromised business, lending legitimacy to the malware campaign. This also presents strong potential for reputational risk for affected companies.

Around 55% of the emails sent using this method were sent to Australian recipients, with 40% from the UK, Forcepoint said.

In addition, one of the seven most frequent subject lines for emails containing malicious OneDrive for Business links was customised for Australia, as it involves a “request for ASIC correspondence reprint”.

It is currently unknown how OneDrive for Business accounts are being compromised, Forcepoint said. But hacked accounts present a security risk for the affected business as it means attackers may also have access to other business assets or contacts.

Image courtesy Microsoft.

Related News

Akamai, Fujitsu strengthen partnership in ANZ

Akamai and Fujitsu plan to collaborate to develop solutions for enterprises in Australia and New...

Cloudflare enters multicloud networking market

Cloudflare has launched a new multicloud network management solution powered by technology...

Akamai taking cloud computing to the edge

Akamai's new initiative, code-named Gecko, accelerates Akamai's build-out of what it...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd