Attackers are abusing Google Cloud Storage to host phishing pages that deliver the Remcos RAT, leveraging the trusted `storage.googleapis.com` domain to bypass security filters. The article does not provide a CVSS score, specific affected or fixed software versions, or a recommended workaround for this threat.
2026-04-14 (Back to Inventory) When Trust Becomes a Weapon: Google Cloud Storage Phishing Deploying Remcos RAT Author(s): ANY.RUN Organization: ANY.RUN win.remcos Open article directly Open article on Archive.org Related Articles 2026-03-26 â‹… ANY.RUN â‹… khr0x , raptur3 Active Magecart Campaign Targets Spain, Steals Card Data via Hijacked eStores for Bank Fraud magecart 2026-03-25 â‹… ANY.RUN â‹… Achmad Adhikara , GridGuardGhoul Kamasers Analysis: A Multi-Vector DDoS Botnet Targeting Organizations Worldwide Kamasers 2026-02-25 â‹… Twitter (@anyrun_app) â‹… Achmad Adhikara , ANY.RUN Tweet about KarstoRAT KarstoRAT