Well-known cybersecurity expert Kevin Beaumont, who worked at Microsoft as a threat analyst (from June 2020 to April 2021), criticized the company for not fighting malware and abuse of OneDrive and Office 365.The fact is that Microsoft services are constantly being used to host malware. Usually, OneDrive accounts are used for this, which may have been created specifically for this purpose or stolen from legitimate users. It is also common to see malware hosted on corporate Office 365 accounts that have previously been compromised.
It all started with a recent report by an information security expert known as TheAnalyst, in which the abuse of Microsoft services was given a separate place. He wrote that, for example, the BazarLoader malware operators place their malware in Microsoft OneDrive and wondered: “Is Microsoft in any way responsible for this if they INTENTIONALLY place hundreds of files for more than three days leading to this [BazarLoader infection ]? “.
Let me remind you that BazarLoader is infected through spam messages. Attackers try to trick the recipients of such messages into opening a trojanized link. In this case, it was an ISO file containing a malicious DLL with a misleading label called “Documents”. The launch of such malware usually ends with a Conti ransomware attack.
In a report on TheAnalyst’s legitimate claims on Twitter, Beaumont responded as follows:
Beaumont also adds:
It is worth saying that the site URLhaus, supported by the Swiss project abuse.ch at the Institute of Cybersecurity and Engineering at the University of Bern, maintains statistics that confirm the words of experts. For example, according to the latest data, Microsoft shows the worst response time to malware among the top 10 sites hosting the most malicious URLs. It usually takes more than 29 days to remove Microsoft malware.
Google also suffers from malware and removes it slowly, on average in 14 days, but it’s still twice as fast as Microsoft.
Microsoft representatives have already paid attention to the criticism of specialists and made the following comment regarding the current situation:
Let me remind you that we also wrote that Researchers find four vulnerabilities in Microsoft Office.
User Review( votes)