Former Microsoft Security Analyst Claims Office 365 Knowingly Hosted Malware For Years

microsoft hosting malware on office365 and onedrive
Malware on Windows devices has become a real problem in the last few years, specifically with a recent uptick in ransomware. It appears that Microsoft has been trying to combat this issue, though, with updates to Microsoft Defender, so it has more teeth than ever before. However, what if Microsoft is part of the problem too?

On Friday, cybersecurity researcher TheAnalyst explained on Twitter how BazarLoader malware leads to ransomware that can severely affect healthcare, among other industries. He then called out Microsoft, asking if the company has “any responsibility in this when they KNOWINGLY are hosting hundreds of files leading to this,” alongside an image of what appears to be malicious files being hosted in OneDrive.

bazar microsoft hosting malware on office365 and onedrive

To back this up, former Microsoft security analyst Kevin Beaumont replied, saying that Microsoft cannot call itself a security leader due to Office365 and OneDrive abuse happening for years. He continued, explaining that getting things taken down from OneDrive is a nightmare process with rather slow reaction times, making Microsoft the “world’s best malware hoster for about a decade, due to O365.”

response microsoft hosting malware on office365 and onedrive

However, this is not a Microsoft-exclusive problem nor a new issue, as we have seen malware hosted on other platforms in the past. According to research by the Bern University of Applied Sciences, Google and Cloudflare are currently among the top online malware hosting networks.  As such, the entire tech industry needs to be better about finding malicious content hosted on its servers before looking elsewhere for problems. 

top list microsoft hosting malware on office365 and onedrive

In any event, hopefully, this incident will drive Microsoft to decisive action that can help protect millions of people and thousands of organizations from debilitating malware attacks. However, let us know what you make of this entire situation in the comments below.