Vulnerability in Google Drive allows malware distribution

[German]There is an unpatched vulnerability in a feature in Google Drive. This vulnerability allows attackers to distribute malware via the Google Drive drive.


Advertising

The vulnerability exists in Google Drive and was reported by A. Nikoci to Google, and later to The Hacker News. The unpatched vulnerability in Google Drive could be exploited by malware attackers to distribute malicious files. They could cloak legitimate documents or images and place them on the Google Drive. Malicious actors could perform spear phishing attacks with a relatively high success rate.

The most recent security issue, unpatched but known to Google, concerns the "manage versions" feature offered by the Google Drive. This feature allows users to upload and manage different versions of a file on Google Drive. The Google Drive interface then presents users with a new version of the uploaded files.

The manage versions should allow users of Google Drive to update an older version of a file with a new version with the same file extension. But it turns out that more is possible. According to A. Nikoci, a system administrator, the affected feature allows users to upload a new version with any file extension for any file on the cloud storage. This even applies to a malicious executable file.

"Google lets you change the file version without checking if it's the same type," Nikoci said. "They didn't even force the same extension." This, of course, opens the door for attackers to launch highly effective spear-phishing campaigns that take advantage of the widespread distribution of cloud services such as Google Drive to spread malware. Details were reported by The Hacker News.


Advertising

This entry was posted in Cloud, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).