Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

by | November 14, 2022 | Malware

A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor’s infection chain.

Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that’s used to facilitate information theft.

“What is noteworthy is data collection from victims’ machines using Dropbox repository, as well as attackers using Dropbox API for communication with the final stage,” the company said.

The development comes a little over two months after ESET disclosed details of attacks carried out by Worok against high-profile companies and…

See More

Skip to content