A bug in Google Drive could be exploited by threat actors to distribute malicious files disguised as legitimate documents or images.
An unpatched weakness in Google Drive could be exploited by threat actors to distribute weaponized files disguised as legitimate documents or images, enabling them to carry out spear-phishing attacks with a comparatively high success rate.
The issue resides in the “manage versions” feature of Google Drive, which allows users to upload and manage different versions of a file, and in the interface through which a new version of a file is provided to users.
The “manage versions” feature was designed to allow Google Drive users to update an older version of a file with a new one having the same file extension. Unfortunately, this restriction is not enforced.
The researcher A. Nikoci discovered that the functionality allows users to upload a new version with any file extension for any file stored on Google Drive, permitting the upload of malicious executables.
“Google lets you change the file version without checking if it’s the same type,” Nikoci explained. “They didn’t even force the same extension.”
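The missing check described above can be applied after the fact by an administrator reviewing a file's version history. The following is an added example, not code from the article, Nikoci or Google; the sample records are constructed, and using the field names of the Drive API v3 revisions resource as the data source is an assumption.

```python
import os

# Constructed sample data. Field names follow the Google Drive API v3
# "revisions" resource; every value is invented for this example.
SAMPLE_REVISIONS = [
    {"id": "1", "originalFilename": "q3-report.pdf",
     "mimeType": "application/pdf",
     "modifiedTime": "2020-08-01T09:00:00.000Z"},
    {"id": "2", "originalFilename": "q3-report-v2.pdf",
     "mimeType": "application/pdf",
     "modifiedTime": "2020-08-03T10:30:00.000Z"},
    {"id": "3", "originalFilename": "q3-report.exe",
     "mimeType": "application/x-msdownload",
     "modifiedTime": "2020-08-05T14:12:00.000Z"},
]


def extension(name):
    """Lower-cased final extension of a file name, '' when there is none."""
    return os.path.splitext(name or "")[1].lower()


def flag_type_changes(revisions):
    """Compare each revision with the one before it and report any change
    of file extension or MIME type between versions of the same file."""
    # Assumption: timestamps are RFC 3339 in UTC, so they sort as strings.
    ordered = sorted(revisions, key=lambda r: r["modifiedTime"])
    findings = []
    for prev, cur in zip(ordered, ordered[1:]):
        reasons = []
        old_ext = extension(prev.get("originalFilename"))
        new_ext = extension(cur.get("originalFilename"))
        if old_ext != new_ext:
            reasons.append(
                f"extension {old_ext or '(none)'} -> {new_ext or '(none)'}")
        if prev.get("mimeType") != cur.get("mimeType"):
            reasons.append(
                f"mimeType {prev.get('mimeType')} -> {cur.get('mimeType')}")
        if reasons:
            findings.append({"revision": cur["id"], "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in flag_type_changes(SAMPLE_REVISIONS):
        print(finding["revision"], "; ".join(finding["reasons"]))
```

The MIME type is compared separately from the extension because a replacement can keep the original file name while its content type changes.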
The researcher reported the issue to Google and shared his findings with The Hacker News, which published videos that show how the weakness can be exploited.
“As shown in the demo videos—which Nikoci shared exclusively with The Hacker News—in doing so, a legitimate version of the file that’s already been shared among a group of users can be replaced by a malicious file, which when previewed online doesn’t indicate newly made changes or raise any alarm, but when downloaded can be employed to infect targeted systems,” reads the post published by THN.
An attacker could exploit the weakness to carry out spear-phishing campaigns using messages that include links to malicious files hosted on Google Drive. Using links to files stored on popular cloud storage is a known tactic used by threat actors to carry out effective phishing campaigns.
Experts pointed out that Google Chrome appears to implicitly trust any file downloaded from Google Drive, even when it is flagged as malicious by antivirus software.
Google recently addressed an email spoofing vulnerability affecting Gmail and G Suite just a few hours after it was publicly disclosed. The vulnerability is caused by missing verifications when configuring mail routes. The issue could have been exploited by an attacker to send an email that appears to have been sent by another Gmail or G Suite user; such a message is able to bypass security mechanisms such as Sender Policy Framework (SPF) and Domain-based Message Authentication, Reporting and Conformance (DMARC).
At the time of writing, there is no evidence that the vulnerability has been exploited by threat actors in attacks in the wild.
(SecurityAffairs – hacking, Google Drive)