Hundreds of repositories across nearly two dozen major cloud services are actively providing malware, including phishing, ‘drive-by downloads,’ and fake sites, according to a new study.

The list includes domains from Google, Amazon, and Yahoo, and according to the team, the malicious content can be difficult to spot.

Researchers say hackers could hide components of malware in separate locations in the cloud, allowing them to go untracked as individual items – but, these seemingly innocent pieces can quickly be assembled to launch an attack.

In the study, researchers from the Georgia Institute of Technology, Indiana University Bloomington, and the University of California Santa Barbara created a scanning tool called ‘BarFinder’ to track down the unique features of bad repositories. 

The work was supported in part by the National Science Foundation and involves ECE Professor Raheem Beyah and his Ph.D. student Xiaojing Liao.

Read the entire article at The Daily Mail.