Google and Hurricane were notified of the malicious use of their services, Moran said. Both companies had removed the attack mechanisms.
"We appreciate FireEye discovering and documenting this unusual attack, so that we could immediately fix our service to eliminate the possibility of this type of abuse in the future," Mike Leber, a spokesman for Hurricane said in an email sent to CSOonline.
Moran believed the services were victims of hacker creativity versus a flaw.
"These are services offered online that can be used for good or ill," he said. "A gun can be used to protect and a gun can be used to hurt."
Sign up for CIO Asia eNewsletters.