FLUXROOT Exploits Google Cloud for Phishing 1. FLUXROOT, a LATAM-based threat actor, uses Google Cloud serverless projects for credential phishing. 2. The campaign targets Mercado Pago login information using Google Cloud container URLs to host phishing pages. 3. FLUXROOT, known for the Grandoreiro trojan, also uses Microsoft Azure and Dropbox for malware distribution. 4. Another actor, PINEAPPLE, used Google Cloud to spread Astaroth malware, targeting Brazilian users. 5. Google has taken measures to counter these threats by removing malicious cloud projects and updating Safe Browsing lists. #fluxroot #googlecloud #credentialphishing #cybersecurity #malware #serverlesscomputing #phishingcampaign #grandoreiro #astaroth #cloudsecurity #threatintel #cyberthreats #maliciousclouduse #technews #latamcybercrime #cloudabuse #safebrowsing #phishingprotection #emailsecurity #CyberDefense