We’d like to inform you that a new alert has been detected in Azure Defender for Azure Storage Account: A malicious blob has been downloaded from a storage account.
|Alert (alert type)
|Malicious blob was downloaded from a storage account (Preview)
|The alert indicates that a malicious blob was downloaded from a storage account. Potential causes may include malware that was uploaded to the storage account and not removed or quarantined, thereby enabling a threat actor to download it, or an unintentional download of the malware by legitimate users or applications.
Applies to: Azure Blob (Standard general-purpose v2, Azure Data Lake Storage Gen2 or premium block blobs) storage accounts with the new Defender for Storage plan with the Malware Scanning feature enabled.
|High, if Eicar – low
You can see a list of all of the alerts for for Azure Storage Account.