Microsoft’s OneDrive cloud storage service has seen a rapid and major rise in the number of malicious files hosted on the platform. Data from FireEye suggests the file hosting tool has seen malicious files grow more than 60% over the last quarter (year-on-year).
In its report, FireEye says OneDrive has observed this significant rise, the largest amongst its three rivals, Dropbox, Google Drive, and WeTransfer. In fact, the service went from being comfortably the safest cloud storage provider in terms of malicious files last year to be the second worst.
Dropbox continues to be the worst of the bunch, with 80% of malicious file usage growth. This continues from last year, where Dropbox was also the worst.
“Attackers find these well-known and trusted sites useful because they bypassed initial domain reputation checks performed by security engines,” the document explains.
“Rather than sending an email with an attached file containing malicious content directly to a target, the attackers upload the content to the file sharing site. The target receives notification from the service that there is a new file waiting for them, along with a link to download the file. Some of these services also offer a preview of the file showing content in a URL that can be clicked without having to download the file. This makes the attack very efficient and difficult to detect”
Changing Trends
The question now is whether this was an unusual event of attackers have found OneDrive to be easier to store files on? Microsoft’s take on this report would be interesting. If this is evidence of a continuing trend, the company may want to introduce new security features.
FireEye says users can avoid losing important data by simply not storing confidential or sensitive information on a public cloud service. The company says phishing attacks are increasingly common and can lead unwitting users to disclosing their data.
