Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks
released on 2023-02-16 @ 03:02:52 PM
The threat actor behind WIP26 has been targeting telecommunication providers in the Middle East. WIP26 is characterized by the abuse of public Cloud infrastructure – Microsoft 365 Mail, Microsoft Azure, Google Firebase, and Dropbox – for malware delivery, data exfiltration, and C2 purposes.