Attackers use legitimate tool to compromise Cloud based assets