A leading fintech company plans to migrate its primary financial application to a public cloud environment. Before the transition, the cloud security specialist reviews the application's architecture to ensure its resistance against potential cloud$-$based application attacks. Given the specific vulnerabilities associated with cloud platforms, which attack method would be the MOST effective against a cloud$-$based application that has not appropriately secured its Application Programming Interface $($API$)?$

Injection attack targeting the application's API

Distributed denial of service $($DDoS$)$ against the cloud infrastructure

Brute force attack on application user accounts

Social engineering attack on cloud provider personnel