Azure Storage Explorer: New Tool for Extortionists

Security specialists from Modepush recently discovered that extortion groups are actively using Microsoft Azure tools for data theft.

According to a recent report by security specialists at Modepush, extortion groups such as BianLian and Rhysida have been found using Microsoft Azure Storage Explorer and AzCopy to steal data from compromised networks. The stolen data is then stored in the Azure Blob cloud storage service.

Azure Storage Explorer is a graphical management tool for Azure, while AzCopy is a command-line utility for large-scale data transfer to the cloud. Using these tools, criminals can easily upload stolen data into an Azure Blob container, from which it is simple to transfer the data to other storage.

The experts at Modepush have observed that in order to use Azure Storage Explorer, attackers must install additional dependencies and update the .NET platform, whose key components include the runtime and programming-language compilers. .NET is a versatile platform used for creating various applications such as desktop, web, and mobile apps, as well as games and web services.
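For defenders, the uploads to Azure Blob described above can be hunted for in web proxy logs. The following is an added example, not part of the Modepush report: it totals upload volume per source host and storage account and reports accounts that are not on an approved list. The CSV layout, host names, account names and threshold are all constructed assumptions, and it presumes a proxy that records the HTTP method and bytes sent.

```python
import csv
import io
from collections import defaultdict

BLOB_SUFFIX = ".blob.core.windows.net"  # public Azure Blob endpoint suffix

# Constructed proxy log (assumed layout: time, source host, method, destination host, bytes sent).
SAMPLE_LOG = """\
2024-09-10T01:02:11Z,FS01,PUT,contosobackup.blob.core.windows.net,52428800
2024-09-10T01:02:15Z,FS01,PUT,exampleacct123.blob.core.windows.net,104857600
2024-09-10T01:02:19Z,FS01,PUT,exampleacct123.blob.core.windows.net,104857600
2024-09-10T01:03:40Z,WS17,GET,exampleacct123.blob.core.windows.net,512
2024-09-10T01:04:02Z,WS17,PUT,intranet.example.com,209715200
2024-09-10T01:05:30Z,WS22,PUT,otheracct.blob.core.windows.net,4096
"""

def find_blob_uploads(log_text, approved_accounts, min_bytes):
    """Return [(source_host, storage_account, total_bytes)], largest first, for
    upload volume sent to storage accounts that are not on the approved list."""
    totals = defaultdict(int)
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 5:
            continue  # skip malformed lines
        _, src, method, dest, sent = row
        dest = dest.strip().lower().rstrip(".")
        if method.upper() not in ("PUT", "POST") or not dest.endswith(BLOB_SUFFIX):
            continue  # only uploads to Blob endpoints are of interest
        account = dest[: -len(BLOB_SUFFIX)].split(".")[-1]
        if not account or account in approved_accounts:
            continue
        try:
            totals[(src, account)] += int(sent)
        except ValueError:
            continue  # non-numeric byte count
    hits = [(s, a, n) for (s, a), n in totals.items() if n >= min_bytes]
    return sorted(hits, key=lambda h: h[2], reverse=True)

if __name__ == "__main__":
    # "contosobackup" stands in for an organisation's own, approved storage account.
    for src, account, total in find_blob_uploads(SAMPLE_LOG, {"contosobackup"}, 50 * 1024 * 1024):
        print(f"{src} uploaded {total} bytes to unapproved storage account {account}")
```

Summing per host and account matters because a bulk transfer arrives as many separate requests, none of which need be large on its own.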
