A newly documented toolset, CloudScout, developed by the advanced persistent threat (APT) group Evasive Panda, has been identified as targeting Taiwanese institutions to infiltrate and extract cloud-based data. The attacks, spanning 2022 to 2023 and discovered by ESET, reveal how CloudScout exploits session cookies stolen by MgBot plugins to access Google Drive, Gmail and Outlook accounts without the need for direct authentication.

Source: Infosecurity