Security News > 2024 > February > Hackers abuse Google Cloud Run in massive banking trojan campaign
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban.
Google Cloud Run is lets users deploy frontend and backend services, websites or applications, handle workloads without the effort of managing an infrastructure or scaling.
The researchers' report notes that Google Cloud Run has become attractive to cybercriminals lately due to its cost-effectiveness and ability to bypass standard security blocks and filters.
The emails come with links that redirect to malicious web services hosted on Google Cloud Run.
The campaigns abusing Google Cloud Run involve three banking trojans: Astaroth/Guildma, Mekotio, and Ousaban.
Finally, Ousaban is a banking trojan capable of keylogging, capture screenshots, and phishing for banking credentials using fake banking portals.
News URL
Related news
- Google Cloud Expands Confidential Computing Portfolio (source)
- Google Cloud to make MFA mandatory by the end of 2025 (source)
- Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users (source)
- All Google Cloud users will have to enable MFA by 2025 (source)
- Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage (source)
- TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services (source)
- Hackers steal 15,000 cloud credentials from exposed Git config files (source)