Cybersecurity researchers have uncovered a troubling trend: hackers are becoming more creative and dangerous by developing new malware tools and exploiting popular cloud services that people and businesses trust every day.
One major threat comes from a hacking group called Gamaredon, which has been expanding its attacks by creating new malware and abusing cloud services. Instead of just targeting specific systems, these attackers are now using legitimate cloud platforms to hide their activities. This strategy makes it harder for security teams to catch them because the attacks look like normal business activity at first glance.
In a separate discovery, security researchers at Google found that another hacking group, known as Turla, has been using a new backdoor tool called STOCKSTAY. A backdoor is a hidden entrance into a computer system that allows attackers to spy on users and steal information without permission. Turla has been using STOCKSTAY in espionage attacks, meaning they are trying to steal government secrets and sensitive business information.
The situation grew more serious when researchers discovered that a third group of hackers, called Icarus, successfully breached Salesforce, a major cloud platform used by millions of companies worldwide. When Icarus leaked stolen data from these attacks, it showed just how many organizations could be affected by a single breach. Salesforce is used by businesses to manage customer relationships and store important business information, so a hack affects not just one company but potentially thousands of businesses that rely on the platform.
What makes these attacks especially concerning is that attackers are using cloud services as weapons. Cloud services are supposed to be secure places where companies store and share information online. However, when criminals abuse these services, they can reach many targets at once and hide their activities among legitimate cloud traffic.
Security experts are warning businesses and government agencies to strengthen their defenses. This includes being more careful about who has access to cloud services, watching for suspicious activity, and keeping software updated with the latest security patches. These incidents show that as technology companies improve their security, attackers keep finding new and more clever ways to break in and steal information.