Former Microsoft security expert claims company has hosted malware in OneDrive for nearly a decade

Kareem Anderson


Since the early 2000’s Microsoft has made it a company-wide endeavor to emphasize security in many of its products, unfortunately, it seems company can’t keep up with volume of threats that exist today.

A former Microsoft Senior Threat Intelligence Analyst, Kevin Baumont took to Twitter last week to vent his frustrations over what he has seen as OneDrive malware abuse.

In an opening tweet to an informative thread, Baumont encourages Microsoft, who employs eight thousand security personnel and received trillions of signals to do a better job at preventing OneDrive from being a host to Conti ransomware.

Baumont also shares receipts of report and action times from the OneDrive team that reach close to a month for a response from Microsoft when contacted about a potential threat.

Even more of an indictment than the molasses-like response times is the claim that Microsoft manages to profit off its delayed reactions.

As a former Senior Threat Intelligence Analyst, Baumont also gives some insight into competitors approaches and the outlook is just as dire elsewhere. According to a 3rd party analyst firm, while Microsoft ranks in the top three platforms hosting malware, Google and Discord top the list as well as Slack and Pastebin rounding out the top five. The issue of malware isn’t isolated to Microsoft, but Baumont’s criticisms shine a brighter light on the issues the company continuously struggle with.

Furthermore, Microsoft acknowledges Baumont’s observations and agrees that it will need to investigate further improvements to better respond to and prevent the hosting of malware within its products. Microsoft told OnMSFT:

Abuse of cloud storage is an industry-wide issue and we’re constantly working to reduce the use of Microsoft services to cause harm. We are investigating further improvements to prevent and rapidly respond to the types of abuse listed in this report. We continue to encourage customers to practice good computing habits online, including exercising caution when clicking on links to web pages, opening unknown files, or accepting file transfers, and we also encourage customers to report abuse using this form.

However, as an industry-wide issue with cloud storage, the company will need to also work with others to come up with more permanent solutions.

Baumont’s Twitter exposé of Microsoft’s OneDrive malware abuses does conclude on a positive note with updates showing Microsoft addressing some of his concerns.

Malware in all its forms is an increasing problem for everyone, Microsoft and OneDrive included, but it’s good to see both the problems get some exposure and some progress being made.