Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Dropbox Related Spam Leads Some to Speculate About Breach

Cloud storage provider Dropbox, has taken on outside help in order to investigate a potential breach, which is being blamed as the reason for a sudden spike in spam directed at the service’s users.

On Wednesday, users who said that they used unique email addresses when associating with Dropbox were seeing a massive flux in spam.

InBoxes targeted by the spammer are seeing advertisements for EU Dice, Euro Gaming Palace, Premier Players Club, Vegas Virtual, SP Casino, and Best2day Support, and this is only list of the most mentioned spammed topics.

Cloud storage provider Dropbox, has taken on outside help in order to investigate a potential breach, which is being blamed as the reason for a sudden spike in spam directed at the service’s users.

On Wednesday, users who said that they used unique email addresses when associating with Dropbox were seeing a massive flux in spam.

InBoxes targeted by the spammer are seeing advertisements for EU Dice, Euro Gaming Palace, Premier Players Club, Vegas Virtual, SP Casino, and Best2day Support, and this is only list of the most mentioned spammed topics.

Commenting on the reports, Cloudmark said that recent data from their Global Threat Network showed 364 different domains in use by this spammer. “Some of the domains point to an IP address shared with domains that have been seen by our system in prior spam campaigns as far back as 2008. So this is a long way from a new campaign,” the anti-spam company explained.

The single connection between most of those complaining, thus fueling the speculation of a breach, is that the majority of accounts getting spammed were previously unknown to anyone but the owner and Dropbox. Based on reports, it also appears that the UK and EU users are being hit the hardest.

Early on, Dropbox suggested that shared folders or referral invites were to blame, but this changed as more and more people complained.

“We wanted to update everyone about spam being sent to email addresses associated with some Dropbox accounts. We continue to investigate and our security team is working hard on this. We’ve also brought in a team of outside experts to make sure we leave no stone unturned,” a Dropbox staffer posted to the user forums. 

“While we haven’t had any reports of unauthorized activity on Dropbox accounts, we’ve taken a number of precautionary steps and continue to work around the clock to make sure your information is safe. We’ll continue to provide updates.”

Advertisement. Scroll to continue reading.

By early Thursday morning, some of the spammed domains were offline, and the number of user reports slowed down. We’ll update this story with more information when it becomes available.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Mike Byron has been named Chief Financial Officer (CFO) at Exabeam.

Ex-GitHub chief technology officer Mike Hanley has joined GM as CISO.

Network security and compliance assurance firm Titania has appointed Victoria Dimmick as CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.