Hackers are constantly looking for ways to improve their attacks and thus skip the security measures imposed on them.
Currently attackers are abusing the Bitbucket code hosting service to be able to send up to 7 different types of malware.
It is not the first time that hackers make use of cloud storage services to send malware as cases like Google Drive, Dropbox or GitHub have been known for the same purpose.
This campaign that uses Bitbucket has managed to infect more than 500,000 computers worldwide so far. Infected systems could receive malware capable of stealing data, mining cryptocurrencies or even delivering ransomware. Problems that, as we can imagine, put the security and privacy of users at risk.
What hackers do is use different Bitbucket accounts in order to host malware. These threats are frequently updated, according to security researchers.
The 7 types of malware that are sent
Each of these malware has a different purpose and everyone can put the security and privacy of their victims at risk.
One of these threats has been called Predator. It is intended to steal information from the victim's system, credentials stored in the browser or even use the camera to take photos.
There is also the threat called Azorult. This is a Trojan specially designed to steal passwords, cookies, browser history, credentials to log into accounts, etc.
With different evasion techniques they also send a miner that affects Monero, capable of mining cryptocurrencies to his liking.
The ramsomware called STOP is also present and as we know this malware, what it is looking for is to encrypt the files and systems of the victims and then request rescue for that information.
Vidar is another malware that is present. The goal is again to steal information from browsers, cookies, history, possible portfolios ... You can even steal authentication data in two steps.
The last two malware are Amadey bot and IntelRapid. They are a Trojan and a cryptocurrency thief, respectively.
How to avoid being victims of this threat
We must be aware at all times to have the 3 pillars of security to avoid being victims of this and many other threats that attack us day by day.
Common sense to avoid opening fraudulent files, having the latest updates on our devices and last but not least, having security tools that prevent the entry of malware that may compromise our computer.
