Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.


Hackers use Dropbox to spread malware

26 June 2014, 12:07 Duncan Alfreds, Fin24

Cape Town - Cyber criminals are migrating their strategy to include cloud-based services to launch attacks on computers, new research has revealed.

In a post by security firm Trend Micro, the firm found that hackers had been manipulating online storage utility Dropbox to download command and control settings (C&C) for malware.

Given that the platform offers free and anonymous storage, it has been an ideal platform to host malware which could be used to launch attacks.

"When BKDR_PLUGX.ZTBF-A is executed, it performs various commands from a remote user, including keystroke logs, perform port maps, remote shell, etc., leading to subsequent attack cycle stages. Typically, remote shell enables attackers to run any command on the infected system in order to compromise its security," wrote Maersk Menrige, threats analyst at Trend Micro.

Dropbox has over 300 million users globally, and has been accelerating as internet access becomes more widely available. The platform offers 2GB of free online storage, requesting only an e-mail address.

Trend Micro discovered that in 2013, the service was abused to launch an attack against a Taiwanese government agency, but the latest instance indicates that cyber criminals are using Dropbox to update C&C settings.

"The use of Dropbox aids in masking the malicious traffic in the network because this is a legitimate website for storing files and documents.  We also found out that this malware has a trigger date of May 5 2014, which means that it starts running from that date. This is probably done so that users won’t immediately suspect any malicious activities on their systems," said Menrige.

- Follow Duncan on Twitter



Read News24’s Comments Policy

Comment on this story
Comments have been closed for this article.

Read more from our Users

Submitted by
Shakila Alivitsa
Helping you find the type of man ...

To put it simply, you can’t go looking for fish in a meat market; you have to go to a fish market. Read more...

Submitted by
Wilson Ochieng
Mudavadi set for 2 month long wes...

Musalia Mudavadi is set for western Kenya campaigns.

Submitted by
Victor Tinto
I need a miracle to win in 2017, ...

An MP says that he needs a miracle to win the 2017 elections but has not given up on victory despite the odds being against him. Read more...

Submitted by
Victor Tinto
Raila ungrateful for my help, MP ...

An MP says that he made ODM famous in Meru and has accused the party of ungratefulness despite his hard work. Read more...

Submitted by
Victor Tinto
I'm ready for by-election today, ...

I'm ready for a by election, an angry ODM rebel MP tells Raila Odinga. Read more...

Submitted by
William Korir
ODM kicks 6 MPs out of Parliament...

ODM has kicked 6 rebel members out of house committees. Read more...