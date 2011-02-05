50% of malicious office documents were downloaded via Google Drive in 2021

February 2022 by Atlas VPN

Widely used Google and Microsoft products often become attacker tools to spread malware because of the large userbase and trustable service, which convinces people to fall for hacker tricks more easily.

According to the data presented by the Atlas VPN team, users downloaded 50% of malicious office documents out of all malware from Google Drive in 2021. Furthermore, 37% of all malware downloads are malicious office documents.

Google Drive overtook the top spot from Microsoft OneDrive, which led malicious office document download apps in 2020 with 34%.

Microsoft OneDrive represents 19% of malicious office documents of all malware downloads. For years, attackers have abused OneDrive by creating accounts specifically for hosting malware or hijacking them from legitimate users.

Another Microsoft product, Sharepoint, ranks third as victims used the application to download 15% of malicious office documents.

Google Gmail service attributed to 4% of malicious office documents of all malware downloads. At the same time, Box was responsible for 3% of office documents carrying malware.

Cybersecurity writer at Atlas VPN Vilius Kardelis shares his thoughts on cloud application attacks:

“Cybercriminals abuse cloud applications for personal benefits because such services are gaining more users in recent times. Attackers can spread malware and steal data by targeting unsuspecting users with malicious documents. Securing your cloud apps with user authentication and threat monitoring tools will help mitigate malware attacks.”

Office documents used to spread malware

Cybercriminals create free accounts, upload malicious files and share them publicly or with specific victims.

In the first quarter of 2020, the percentage of malicious office documents out of all downloaded malware was 19%. However, in Q2 2020, the number jumped significantly to 46%.

In Q3 and Q4 2020, the percentage of office documents being malware downloads declined to 36% and 29%, respectively. Another significant malware burst happened at the start of 2021 when malicious document downloads reached 43%.

After a slight dip to 35% in Q3 2021, the percentage of malicious office documents settled at 37% in Q4 2021. The Emotet’s success led other cybercriminals to distribute malicious files with similar techniques.