Security News > 2022 > January > Google Drive accounted for the most malware downloads from cloud storage sites in 2021
Google Drive ended 2021 as the most abused cloud storage service for malware downloads, according to security provider Netskope.
In its "January 2022 Cloud and Threat Report" released Tuesday, Netskope noted that cloud storage apps gained even greater adoption in 2021.
For 2021, cloud storage apps accounted for 69% of cloud-based malware downloads, down only slightly from 72% in 2020.
For the year, Google Drive took the top spot from Microsoft OneDrive as the cloud storage app with the greatest number of malicious downloads, accounting for 37% of them.
Rounding out the top five were SharePoint with 9%, Amazon S3 with 6% and GitHub with 3%. Last year's results contrast with those of 2020, in which OneDrive was the most exploited cloud storage app for malicious downloads with 29%, followed by Box with 17%, Amazon S3 with 15%, SharePoint with 13% and Google Drive with just 9%. Beyond evidence of Google's increasing popularity, there are other reasons why Google Drive surpassed other services in malware downloads last year, according to Netskope.
"The increasing popularity of cloud apps has given rise to three types of abuse described in this report: attackers trying to gain access to victim cloud apps, attackers abusing cloud apps to deliver malware, and insiders using cloud apps for data exfiltration," Netskope Threat Labs threat research director Ray Canzanese said in a press release.
News URL
Related news
- Google Cloud Strengthens Backup Service With Untouchable Vaults (source)
- Malware locks browser in kiosk mode to steal Google credentials (source)
- Google Cloud Document AI flaw (still) allows data theft despite bounty payout (source)
- Android malware 'Necro' infects 11 million devices via Google Play (source)
- New Octo Android malware version impersonates NordVPN, Google Chrome (source)
- Google Cloud Expands Confidential Computing Portfolio (source)
- Fake Google Meet conference errors push infostealing malware (source)