Basecamp , a communication platform used by corporates for project management is being abused by hackers for hosting their malware. Researchers found that hackers are distributing their Basecamp public documents to targets, which carry the BazarLoader trojan, that eventually deploy the Ryuk ransomware malware. Being suspicious about public documents is the way to thwart any such campaigns.
Basecamp Used For Malware Hosting
Basecamp is a sophisticated project management pack for letting groups chat, create, and share documents. They can include images, styled text, and URLs in their documents when composed, and share them with others for collaboration. What’s criticized here is the usage of its public documents and free hosting solutions.
Basecamp’s personal package is free, thus letting users host their documents for free. Also, their public documents can be shared with anyone on the internet through the link that’s created when formatting the document. While this has a legitimate purpose, researchers at MalwareHunterTeam and James have found a campaign, where some malicious actors are abusing the Basecamp.
86e4be488d98cb086d8161baa7b58c28ab2ce2d0e415ff1d29d0f537bb16c773 Ah, so they are using @basecamp … pic.twitter.com/ejPT1qgqYE — MalwareHunterTeam (@malwrhunterteam) October 16, 2020
