Free Trial Service Abused, Cloudflare Tunnel Used as Hacker’s Shield

Hackers exploit Cloudflare’s free trial tunnel service to transmit malicious content with anti-reconnaissance capabilities, says Proofpoint.

Security company Proofpoint released a report on August 4, stating that numerous hackers have been misusing Cloudflare’s free trial services.

These attackers exploit the tunnel service provided by Cloudflare to transmit malicious content, benefiting from its anti-reconnaissance features.

The tunnel technology is akin to SSH, enabling remote access to local network data.

Cloudflare’s “TryCloudflare” free trial service allows hackers to register multiple accounts and use one-time tunnel services, frequently changing their subnet domain names to obscure their actual server locations.

CloudFlare upgrades to HTTP/2, major speed gains

Proofpoint noted that they have been monitoring the misuse of TryCloudflare tunnels by hackers since 2023, and such activities are becoming increasingly prevalent. Hackers often use these tunnels to deploy malicious Trojans and distribute phishing emails.

Researchers highlighted that some hackers also use Python scripts and other technologies like WebDAV and SMB to exploit network vulnerabilities, allowing them to install Trojans directly on victims’ devices.

Consequently, Cloudflare’s tunnel service has inadvertently become a “protective shield” for these malicious actors.

Keep visiting for more such awesome posts, internet tips, and lifestyle tips & remember we cover,
“Everything under the Sun!”

inspire2rise 2024 refresh

Follow Inspire2rise on Twitter. | Follow Inspire2rise on Facebook. | Follow Inspire2rise on YouTube

Sukhdev has a passion for sharing insights and experiences on a wide range of topics from technology to personal development!


Learn more about  Gigabyte Radeon RX 5700XT Gaming OC 8G leaked online!

Free Trial Service Abused, Cloudflare Tunnel Used as Hacker’s Shield

Leave a Comment

Discover more from Inspire2Rise

Subscribe now to keep reading and get access to the full archive.

Continue reading