Logically, the feature should let users update an older version of a specific file with a new version of that file having the same file extension, however, it turns out that this is not the case. According to A. Nakoci, the affected feature of Google Drive enables its users to upload a new version of a file with any file extension on the cloud storage. Nikoci also told that Google allows users to change the version of a file without checking if it is the same type. The cloud storage service does not even force the same extension type.
Nikoci shared demo clips, and according to those videos, a legitimate version of a file that has already been shared with a group of Google Drive users can be replaced with a malicious file. Furthermore, the online preview also does not indicate new changes or raise any alarm. However, when installed, the file could be employed to infect the systems.
The approach could be used for highly effective spear-phishing attacks that trick people into compromising their systems. Spear-phishing attacks usually attempt to trick victims into opening malicious links. Those malicious links can also be used to get the victim to unknowingly install malware on their device that can provide the hacker access to the victim’s computer and other sensitive data. Currently, the best solution is to use an antivirus and be wary of Drive file update alerts. Recently, Google also fixed a flaw impacting G Suite and Gmail users that could have let threat actors send spoofed emails even when strict security policies such as DMARC or SPF are enabled.
Read next: Autofill with Google now allows biometric authentication for all Android 10+ devices
Featured Photo: Thomas Trutschel/Photothek via Getty Images
Post a Comment