Hello and welcome to the Thursday, November 9th, 2020, 3 edition of the Santernet Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Will ever wonder how fishing campaigns are tracking all the emails they're sending and calculating things like success rates and such.

Well, turns out they're using the same tools as commercial legitimate marketers are using.

Xavier came across a project file that, well, first he thought it was actually a Microsoft project file, because

the extension is similar. It's MMP, not MPP, as the normal Microsoft project. And the file

itself loaded into a tool called Gamadine, which is an email marketing tool, that then revealed the actual email being

used for the phishing campaign, like the HTML being embedded in the email with the respective

password form. There's not a new development. This is something that hackers have been doing apparently for a while.

And researchers from Safe Breach found an interesting bug in the Azure Automation Service

that allowed them to essentially run a crypto coin miner for free and also hide it from the

legitimate owner of the account.

The Azure Automation Service is able to run Python scripts, but the main goal of Azure

automation service is to essentially manage your cloud environment.

So you can do things like start and stop machines and basically organize your cloud environment. So you can do things like start and stop machines and basically organize your cloud

environment with little scripts without having to set up yet another machine environment

to actually run these scripts.

These scripts are run inside Docker containers.

And well, apparently due to a bug in Asia, the runtime of these scripts

was not built correctly, meaning they ran for free. Typically, probably not a big deal,

because if you're just sort of setting up an environment, the actual runtime for this

automation script is likely insignificant compared to the runtime and cost of the environment that you're setting up.

...