Microsoft Azure Being Used To Deliver Malware Payloads


Yikes! Not a good place to be! Azure finds itself at the center of controversy, as malicious actors are using the cloud platform to serve malware payloads.

Right under the nose of Microsoft.

According to the report, security firm Netskope first revealed this development, confirming that payloads are infecting targets in the healthcare sector, which is one of the more security-conscious domains of business.

To make matters worse, while cloud providers, including Microsoft Azure, offer virus and malware scanning, these security solutions are clearly not enough to prevent the malice from spreading.

A lot of that has to do with the fact that IT administrators implicitly trust the IP address blocks used by Azure, either for services used directly by their organizations or for products supplied by a third-party vendor that utilizes the Microsoft cloud.

Besides, a cybercriminal who is using Azure to propagate malware is almost guaranteed to have disabled the scanning service that the company offers on its cloud platform.

This time around, the malware in question is called Capitalinstall, and it deploys the Linkury adware package, which is presently being hosted on Azure.

There is no confirmation of whether Netskope contacted Microsoft about the existence of this malware on its cloud, but it remains live as of this writing.

A victim whose machines are infected by this malware is then presented with a page that directs them to install a myriad of browser add-ons, cryptocurrency miners and other software.

The moral of the story is that inherently trusting cloud service providers is not the wisest idea in the world. At the end of the day, they are but a part of the public Internet, and that means anyone can upload anything and deliver it to unsuspecting users.

Lessons to be learned here, folks!

