According to a new investigation, criminals are increasingly using Google Drive to transmit malware. According to the data, Google Drive was used to distribute roughly 50% of malicious office documents in 2021.
The use of legitimate hosting platforms for nefarious purposes
The information is based on a Netskope study and covers a variety of office products, including Office 365, Google Docs, and PDFs. It also claims that infected office documents account for 37% of all malware downloads.
Microsoft OneDrive was the most common source of infected office documents until 2020, accounting for 34% of all malicious document downloads.
That changed in 2021, when Google Drive supplanted OneDrive. With 19 percent of the market, Microsoft OneDrive comes in second.
15 percent of victims downloaded infected office documents from Sharepoint, which is ranked third. Gmail and Box came in second and third, with 4% and 3%, respectively, while the rest of the apps accounted for 9% of the total.
The most widely used method of spreading is
As more and more businesses go to the cloud, the number of people signing up for it continues to grow.
Cybercriminals create free accounts on cloud app hosting platforms, upload dangerous files, and share them with the public or a small group of people.
They then wait for some naive consumers to open the file and infect their device with the virus contained within.
Additional information
The report includes a number of statistics that indicate how the use of harmful documents has evolved over the last two years.
Malicious document downloads were found to be 43 percent in the start of 2021.
In the next quarter, the quantity of fraudulent documents decreased by 1%. It was at 35% in the third quarter of 2021.
However, in Q4 2021, the percentage of harmful office documents grew to 37%.
Conclusion
Cybercriminals have become increasingly reliant on legitimate Microsoft and Google systems. Users who often download or receive documents from unknown sources or via email should be cautious. Organizations must also utilize user authentication and threat monitoring technologies to secure their cloud apps.