In the past, we've written about a previous incident where we noticed malicious files that were being hosted on Google drive, and distributed via links in spam EMails (unsurprisingly sent via GMail). And now it looks like Google is at it yet again, distributing malware via this URL:
And this time, the scammers seem to have found an even easier-to-exploit flaw in Google's malware scanner. In the previous incident, they resorted to using less-common compression formats, which Google's malware scanner is presumably incapable of reading - this time, however, the scammers simply used a password-protected zip file. And that seems to be all it takes to sneak malware onto Google's servers, which they will then happily & unwittingly distribute.
We've notified Google that they're hosting & distributing malware over a week ago, when the message was first received - and even did so via multiple means, including sending spam complaints against the "spamvertised" Google drive link, and through Google's own "Report malicious software" page. Yet they don't seem to be at all concerned about that, since 7 days later they still haven't done anything about it & are still knowingly distributing that malware.
Hosting and domain registration for your personal, business, or non-profit website.
Web design and development, eCommerce, creative services for new and traditional media.
Linux and Windows web hosting plans start at just $7.95/mo.