Hackers are increasingly hiding within services such as Slack and Trello to deploy malware


An extensive range of malware that abuses legitimate internet services is described in a new investigation, along with recommendations for what defenses can do to stop it. Criminal hackers have always utilized legitimate web services like Gmail and Facebook for their own purposes, but they are increasingly coming up with new strategies for blending into well-known programs to avoid detection and identify unwitting victims.

As part of their infrastructure, at least a quarter of the more than 400 malware families that have been used in the past two years, according to an analysis of those families, were abusing legitimate internet services. This made it easier for malicious hackers to blend in with legitimate traffic and made it more difficult for those responsible for network defense to do their jobs.

Read More…