Microsoft boots apps out of Azure used by China-sponsored hackers
Fortune 500 companies aren’t the only ones flocking to cloud services like Microsoft Azure. Increasingly, hackers working on behalf of the Chinese government are also hosting their tools in the cloud, and that’s keeping people in Redmond busy.
Earlier this year, members of the Microsoft Threat Intelligence Center suspended 18 Azure Active Directory applications after determining they were part of a sprawling command-and-control network. Besides the cloud-hosted applications, the members of the hacking group Microsoft calls Gadolinium also stored ill-gotten data in a Microsoft OneDrive account and used the account to execute various parts of the campaign.
Microsoft, Amazon, and other cloud providers have long touted the speed, flexibility, and scale that comes from renting computing resources as needed rather than using dedicated servers in-house. Hackers seem to be realizing the same benefits. The shift to the cloud can be especially easy thanks to free trial services and one-time payment accounts, which allow hackers to quickly get up and running without having to have an established relationship or even a valid payment card on file.
Source : https://arstechnica.com/?p=1709604