Should Dropbox be Shutdown for Spreading Mass Malwares ?
Blog posts on Symantec and ThreatPost have point the fact that Dropbox is used by bad guys to spread spam and phishing campaigns and also malwares. All theses malwares, files used in phishing and spamming campaigns coming from the “Public Folder” of malicious Dropbox accounts. Any file put in this folder gets its own Internet link so that he can be shared with others. Examples of malwares spread by Dropbox :
http://dl.dropbox.com/u/58336523/x/login.php, PHP/IRCBOT used in remote file inclusion campaigns.
http://dl.dropbox.com/u/63038576/Script.exe, WORM/Ainslot.A.1946 used in infection campaigns.
The problem is that Dropbox is not spreading malwares since few days. If you take a look at Clean MX database, Dropbox is present since 2010-04-19, with an explosion of malwares in 2011. The fact that Dropbox spread malwares is real and it is the case since long time. Dropbox is also present in Malc0de database since 2012-02-26.
Compared to other malware spreaders, Dropbox has a privileged status. For example, in November 2011, FileAve.com a free file hosting provider notorious for spreading thousands of malwares were shutdown after years of activities. FileAve.com have provide 50 MB free storage and a free sub domain for each created account (ex : http://yourname.fileave.com). FileAve.com was present in Clean MX database since the 2007-11-30, in Malc0de database since the 2010-01-11 and in our database since the 2009-02-16. The shutdown of FileAve.com was a good news for every one.
We can ask us a legitimate question, should Dropbox be shutdown, same as for FileAve.com ? Aren’t they both malware spreaders ?
I recommend you to read these related posts
- In Memory of FileAve.com Botnet
- Interview of Mathias Ortmann MEGA CTO
- Metasploit VMware Auxiliary Modules
- Remote File Inclusion in Google Cloud – nurhayati satu
- Le mythe de la sécurité par la virtualisation ou Cloud Computing
- Les solutions Cloud ne sont pas “compliant” avec PCI
- Red Hat fait l’acquisition de Qumranet.
- Cloud or not to Cloud ?
- gangbang.mytijn.org Malware Spreader Down
- FileAve.com Botnet Activities