Global search engine giant Google has revealed that hackers are increasingly targeting compromised cloud accounts to mine cryptocurrencies. The disclosure is part of a new report from Google’s internal cybersecurity action team.
Google’s cybersecurity team, which detects and offers advice on how to tackle cyber threats, released a report entitled “Threat Horizon” which sheds light on the many threats currently looming in cyberspace.
According to the report, Russian state hackers tried to trick users into giving up their passwords under the pretext that they were the target of state-sponsored attackers. In North Korea, hackers try to lure users with fraudulent job offers from expensive companies like Samsung.
Crypto miners are hacking Google cloud accounts
However, the biggest threat that plagues cyberspace is one that tries to take full advantage of the current big buzzword, also known as cryptocurrency.
Because the “mining” blockchains that underlie cryptocurrencies require a significant amount of computing power and expensive software, 86% of cloud hacks are said to be used to perform cryptocurrency mining.
The cryptocurrency mining software section will be downloaded within 22 seconds after the cloud account is hacked. Cyber attackers use vulnerable third-party software and poor client security to carry out attacks.
Other forms of cyber threat
According to Google’s report, in one case, 12,000 Gmail accounts were attacked by the Russian government-backed APT28 hacker group, also known as Fancy Bear, in which users were tricked into sharing their information with the user. via email.
According to Google, the attack was neutralized after blocking all phishing emails, “which were concentrated in the United Kingdom, the United States, and India, and there was no lack of user data.
In another attempt, North Korean-backed attackers attempted to trick South Korean Google Cloud users into falsifying Samsung job postings. The target of the attack was employees of South Korean information security companies. Users have been tricked into ending up on a malicious link related to malware stored on Google Drive. The link is now blocked.
Google is also dealing with ransomware attacks, in which attackers encrypt files and data on a user’s computer until a ransom is paid for sharing because the report says that the encryption is so strong that it is almost impossible to obtain it without restoring it them.
The report also reported on the use of the Black Matter ransomware. Japanese tech giant Olympus is one of the main victims of Black Matter, who said it suspected “pressure from the authorities.” Until then, the risk remains substantial.
Google Suggests Ways To Fight Cyber Threats
In its recommendations, Google urged users of cloud-based services to improve their security by using two-factor authentication and to sign up for the Google Safety for Work program.