Dropbox Used to Spread Malware

The DNSCalc gang has targeted the New York Times in the past, and now this cyber-hacking gang has found a new way to get its point across. Breaking news this afternoon has led to this discovery: the DNSCalc gang is using Dropbox to spread malware to unsuspecting victims.

How Dropbox Is Being Used

The gang's setup is really clever. First, a file is sent to various Dropbox users (usually government officials or individuals with ties to the Association of Southeast Asian Nations). That file includes a .zip file that appears to belong to the U.S.-ASEAN Business Council.

This file would then be sent to anyone interested in Council business, and the file actually contained a legitimate Council paper. Once the file was unzipped, the malware included in the file would open a backdoor to a host computer – all without recipients knowing what was happening.

After that, the malware file would find a WordPress blog that was created by the Gang. The malware contained IP address information in addition to a port number or a control server. From there, additional malware would begin to download. You could say that it was Game Over for anyone that was attacked.

Dropbox Used to Spread Malware: Why Dropbox?

Dropbox files tend to be trusted by most people. If you grant someone access to your Dropbox, you probably open up any file sent without a second thought. Gangs like the one mentioned above will use this vulnerability to send malware to unsuspecting Dropbox users.

What can you do?

Unfortunately, this type of malware is hard to detect, and most company detection programs won't notice a thing happening when malware is moving around via Dropbox and to a WordPress blog. What you can do is report any kind of attack like this one, so that other people are aware. If your system has already been attacked, it's really hard to do much about it.

One other tip: make sure you know who sent you a Dropbox file. Ask that person if they did, indeed, send you a file, and think twice before unzipping any files. These tactics will provide you with your best line of defense!
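
For defenders with access to web-proxy logs, the chain described above (a .zip pulled from Dropbox, a visit to a WordPress blog, then a connection to an IP address and port) can be searched for as a sequence per client. The Python below is an added example, not code from the original article; the log format, the sample lines, the 15-minute window and the assumption that the blog is hosted on wordpress.com are all constructed for illustration.

```python
import re
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=15)  # assumed maximum gap between stages
DROPBOX = ("dropbox.com", "dropboxusercontent.com")
BLOG = ("wordpress.com",)       # assumes the blog is hosted on wordpress.com
BARE_IP = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

# Constructed sample, sorted by time: timestamp client method host:port path
SAMPLE_LOG = """\
2024-01-01T09:01:10 10.0.0.5 GET dl.dropboxusercontent.com:443 /s/abc/Council_paper.zip?dl=1
2024-01-01T09:03:42 10.0.0.5 GET exampleblog.wordpress.com:80 /
2024-01-01T09:03:50 10.0.0.5 CONNECT 203.0.113.7:8080 -
2024-01-01T09:10:00 10.0.0.9 GET dl.dropboxusercontent.com:443 /s/def/photos.zip
2024-01-01T10:00:00 10.0.0.9 GET news.wordpress.com:80 /
2024-01-01T11:00:00 10.0.0.7 CONNECT 198.51.100.4:443 -
"""

def on_domain(host, domains):
    return any(host == d or host.endswith("." + d) for d in domains)

def find_chains(log_text):
    """Return (client, ip, port) for clients that hit all three stages in order."""
    state = {}   # client -> (stage reached, time of that stage)
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, client, _method, dest, path = line.split()
        when = datetime.fromisoformat(ts)
        host, _, port = dest.rpartition(":")
        stage, last = state.get(client, (0, None))
        fresh = last is not None and when - last <= WINDOW
        is_zip = path.split("?")[0].lower().endswith(".zip")
        if on_domain(host, DROPBOX) and is_zip:
            state[client] = (1, when)   # stage 1: archive fetched from Dropbox
        elif stage == 1 and fresh and on_domain(host, BLOG):
            state[client] = (2, when)   # stage 2: blog visited soon afterwards
        elif stage == 2 and fresh and BARE_IP.match(host):
            alerts.append((client, host, int(port)))  # stage 3: direct IP connection
            state.pop(client)
    return alerts

if __name__ == "__main__":
    for client, ip, port in find_chains(SAMPLE_LOG):
        print(f"review {client}: Dropbox zip -> WordPress blog -> {ip}:{port}")
```

Each stage on its own is ordinary traffic, which is why the match is on the ordered sequence from one client inside a short window rather than on any single request.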
