cloudz malware

About this tag
CloudZ malware is a remote access trojan that targets Windows systems by abusing Microsoft Phone Link to steal SMS messages, one-time passwords, and credentials. Discovered by Cisco Talos in early 2026, this intrusion has been active since at least January and uses a previously undocumented Pheno plugin. The malware exploits the trusted convenience bridge between phone and PC, turning a legitimate Windows feature into an attack surface. For Windows users and enterprise IT, CloudZ highlights the need for cross-device security governance, as attackers leverage built-in tools to bypass traditional defenses. Discussions on WindowsForum focus on understanding the threat, its implications for Windows security, and mitigation strategies.
  1. CloudZ Malware Targets Windows Phone Link to Steal OTPs, SMS, and Credentials

    Cisco Talos reported on May 5, 2026, that an intrusion active since at least January deployed the CloudZ remote access trojan and a previously undocumented Pheno plugin on Windows PCs to abuse Microsoft Phone Link and potentially steal credentials, SMS messages, and one-time passwords. The...