ElevenPaths discovers low cost malware that uses Gmail as a covert channel
Did you know that Gmail is being used as C&C to exfiltrate corporate information?
At ElevenPaths we found out that certain malware samples that are using email services as covert channels for the exfiltration of information are becoming part of advanced persistent attacks.
These techniques are not always subject to high levels of investment, they are proving to be efficient in corporate environments with large quantities of sensitive information.
Thus, limiting communications to suppliers, who are also legitimately used, is becoming very difficult because of forcing the proposal of new strategies and elements aimed at defending against advanced malware.
Our analyst team recommends to thoroughly monitor the endpoint behaviour taking into account that a domain or service, a priori legitimate, could be being used with malicious intentions.