Carbanak, a powerful cyber-crime group, is using certain Google services as command and control for its malware and other malicious elements. The news was released by cybersecurity firm Forcepoint this week. Forcepoint uncovered a trojanized RTF document, which, once ran, will "send and receive commands to and from Google Apps Script, Google Sheets, and Google Forms services." Each infected user gets a unique Google Sheets spreadsheet, allowing the attackers to "manage" each victim. This approach allows the group two key advantages. One, it allows them to hide in plain sight, and, two, it’s highly unlikely that organizations will be blocking Google services by default,…
[Continue Reading]