Certified Ethical Hacker (CEH v12) — Question 73
Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phishing emails and distributed custom-made malware to compromise user accounts and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP account, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attacks on the target organization.
Which of the following cloud attacks did Alice perform in the above scenario?
Answer options
- A. Cloud cryptojacking
- B. Man-in-the-cloud (MITC) attack
- C. Cloud hopper attack
- D. Cloudborne attack
Correct answer: C
Explanation
Alice's actions exemplify a Cloud hopper attack, as she exploited her access to the MSP to infiltrate the target organization's cloud services and used the obtained customer data for further attacks. The other options, such as Cloud cryptojacking and Man-in-the-cloud (MITC) attack, do not accurately represent the method Alice used, while Cloudborne attack does not relate to the specifics of her infiltration via the MSP.