Attackers could exploit the weakness in Google Drive by distributing malicious files disguised as legitimate files or images.
Attackers could exploit the weakness in Google Drive by distributing malicious files disguised as legitimate files or images.
A system administrator A. Nikoci reported the flaw to Google, the functionally allows users to upload a new version with any file extension for any existing file on the cloud storage, even with a malicious executable.
Nikoci shared demo videos with The Hacker News, which clearly shows that a malicious file can replace the legitimate version of the files that are already being shared among the users. When these files are previewed online, it doesn't show any signs of the recently made changes or raise any alarm. This malicious file can infect targeted systems when downloaded.
The ‘Manage versions’ feature in GoogleDrive lets the user to quickly check the different versions of the file uploaded on Drive folder.
“Google lets you change the file version without checking if it’s the same type. They did not even force the same extension, ” said Nickoi.
An attacker could exploit the weakness by spear-phishing scams, where the victim is tricked into opening messages that include malicious links or attachments, which appears to be real. The recipient unknowingly downloads malware that can give the attacker access to the user’s computer system and other sensitive information like account credentials and confidential data.
Experts pointed out that Google Chrome appears to implicitly trust any file downloaded from Google Drive, even if they are flagged by other antivirus software as malicious.
There is no evidence that the vulnerability has been exploited by threat actors in attacks in the wild.
Google recently addressed an email spoofing vulnerability affecting it's Gmail and G Suite products.
Users must always keep an eye on suspicious emails and Google Drive notifications because the attackers are trying to exploit all the possible points to hide their malicious moves.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?