Certified Ethical Hacker (CEH v13) — Question 101

Alice, a professional hacker, targeted an organization’s cloud services. She infiltrated the target’s MSP provider by sending spear-phishing emails and distributed custom-made malware to compromise user accounts and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP account, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attacks on the target organization.
Which of the following cloud attacks did Alice perform in the above scenario?

Answer options

• A. Cloud cryptojacking
• B. Man-in-the-cloud (MITC) attack
• C. Cloud hopper attack
• D. Cloudborne attack

Correct answer: C

Explanation

Alice executed a Cloud hopper attack, which involves compromising a managed service provider (MSP) to access customer accounts and data. The other options are not applicable; Cloud cryptojacking refers to using cloud resources for cryptocurrency mining, Man-in-the-cloud (MITC) attacks focus on intercepting data between devices and cloud services, and Cloudborne attacks typically refer to threats that originate from the cloud itself.