A new hacking campaign has been spotted in which the attackers are abusing legitimate cloud storage services to host malicious payloads.
In a research report, Securonix said that the campaign starts with a phishing email containing a .ZIP archive. When unzipped, the archive delivers an executable file that was made to look like an Excel file. The file uses a hidden left-to-right override (RLO) Unicode character, reversing the order of the characters that follow.
Source link