A similar exploit.........
Could be used with any of the on-line storage providers say Microsoft Cloud which provides it with Office 2013
A remote access trojan (RAT) is using Dropbox for command and control in a targeted attack against the Taiwanese Government, malware analyst Maersk Menrige says. The upgraded PlugX RAT is the first targeted attack to use Dropbox to update command and control settings, Menrige said, as distinct from other malware and ransomware …
"Seems risky for the perpetrators to me. Wouldn't any legitimate company just shut down the account as soon as a security researcher informed them they were being used as a C&C server?"
That goes for any C&C protocol. But the solution is already known: use lots of C&C servers, located via a hash function. Or lots of Dropbox accounts via a hash account. Dropbox needs just needs to stop xyzlkajsdfklzvc, xyxkawerup, and xyzupweas from signing up free Dropbox accounts.
On a clean computer is it possible to get infected by visiting the dropbox website? If not then how can this be misdiagnosed as some kind of Dropbox malware
"DropSmack: How cloud synchronization services render your corporate firewall worthless"
It's been patently obvious for years that firewalls are next to useless, corporate or otherwise ..
https://media.blackhat.com/eu-13/briefings/Williams/bh-eu-13-dropsmack-jwilliams-wp.pdf