Azure cloud-tjenester er blevet et glimrende valg for cyberkriminelle, der har brug for at gemme et sted skadeligt indhold.From fishing templates to malware and C&C kommando servere, det ligner angriberne har fundet egnet opbevaring til alt dette.
”Ikke alene er Azure hosting malware, det er også fungerer som kommando og kontrol infrastruktur for de skadelige filer”, — says David Pickett from AppRiver.
Earlier has already been mentioned connection of cybercriminals with Azure. For eksempel, om 200 fake tech support sites were hosted on this platform. There was also a case where Azure was used to store fishing templates for Office 365.
It turned out that these are not isolated cases as JayTHL og Malware Hunter Team security researchers found a malicious program on Azure, which was immediately reported by Microsoft.
“It is clear that at the moment, Azure does not detect malicious programs hosted on Microsoft servers,” – explains David Pickett.
Researchers downloaded “Searchfile.exe”, one of the found samples, På VirusTotal. It turned out that Windows Defender does not detect this malware.