A system administrator has found that hackers can use a Google Drive feature to trick users into downloading harmful malware.
Nikoci found the flaw in the ‘manage versions’ section of Drive and informed Google about the same. However, the issue remains unpatched as of now, reported Hacker News exclusively on 22 August.
According to Google, the manage versions setting helps users in restoring an earlier version of any said file. Users can upload a new version and manage all the available versions through the feature. But Nikoci pointed out that Google did not force the new file to have the same extension as the other version.
Hence, you will be able to upload a new version of an image or file with any file extension for any existing file present in Drive, even if it has a malicious executable. Hackers can put this loophole to their use and insert a malware disguised as a genuine file.
More importantly, the app shows no sign of recently made changes or raises any alarm when previewed online. So you won't know the file has been replaced until you have installed it, reported Engadget. This can be because of the security layering Chrome has in place for Drive downloads.
The report added that hackers can use this security black hole for spear phishing attacks, where electronic communications are sent to targeted individuals or firms from trusted contacts so that they reveal any confidential information. This will work by the means of any document update notification in this case. As soon as you click on the notification, you introduce a malware to your system.
Engadget advised users to use antivirus software and be cautious around Google Drive file update notifications for now, till Google introduces a fix.
source https://www.firstpost.com/tech/news-analysis/hackers-use-google-drive-feature-to-plug-targeted-malware-phish-for-sensitive-information-8755211.html