An unpatched security weakness has been found in Google Drive which could allow hackers to trick you into installing malware. This feature of Google Drive would allow hackers to pass off malware as legitimate documents and images.
As reported by The Hacker News, the weakness would allow bad actors to perform spear-phishing attacks with a comparatively high success rate.
This potentially poses another legal issue for Google. The company is currently facing two other separate legal problems, so this could not come at a worse time.
Firstly, it was reported that Google had accidentally listened to more than it should for some Home users. Then, more recently, a firm filed a lawsuit against the Play Store and its 30% transaction fee.
Google Drive potentially vulnerable to hackers
The security issue resides in the “manage versions” functionality. This is the place where users upload and manage different versions of a file.
The manage versions functionality should allow users to replace older versions of a file with a new file that has the same extension. However, this is not the case.
The functionality allows users to upload a new version with any file extension for any existing file. This means the new version could even be a malicious executable.
As a result, a legitimate version of a file can easily be replaced with a malicious one. The problem is made worse because the file, when previewed online, does not indicate the newly made changes. Therefore, no alarm is raised to tell users that something has changed.
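A defender-side check for the behaviour described above, as an added example that is not from the original article or from Google: it walks a file's revision history and flags any revision whose uploaded extension or MIME type no longer matches the file users see. The field names follow the Drive API v3 Revision resource; the function names, the extension list and the sample revisions are constructed for illustration.

```python
import os

# Extensions treated as directly executable (assumed list, extend as needed).
RISKY_EXTENSIONS = {".exe", ".scr", ".bat", ".cmd", ".com", ".msi", ".js", ".vbs", ".ps1", ".jar"}


def extension(name):
    """Return the lower-cased final extension of a filename ('' if none)."""
    return os.path.splitext(name or "")[1].lower()


def audit_revisions(file_name, revisions):
    """Flag revisions whose type differs from the name shown on the shared link.

    `file_name` is the name users see; `revisions` is a list of dicts with the
    Revision fields id, modifiedTime, originalFilename and mimeType, oldest first.
    """
    findings = []
    shown_ext = extension(file_name)
    previous = None
    for rev in revisions:
        ext = extension(rev.get("originalFilename"))
        reasons = []
        if ext != shown_ext:
            reasons.append(f"uploaded as '{ext}' but file is shown as '{shown_ext}'")
        if previous is not None and rev.get("mimeType") != previous.get("mimeType"):
            reasons.append(f"MIME type changed from {previous.get('mimeType')} to {rev.get('mimeType')}")
        if reasons:
            severity = "high" if ext in RISKY_EXTENSIONS else "medium"
            findings.append({"revision": rev["id"], "modified": rev.get("modifiedTime"),
                             "severity": severity, "reasons": reasons})
        previous = rev
    return findings


# Constructed sample data shaped like a revisions.list response (not from a real account).
SAMPLE_REVISIONS = [
    {"id": "1", "modifiedTime": "2020-08-01T09:00:00Z",
     "originalFilename": "Q3-report.pdf", "mimeType": "application/pdf"},
    {"id": "2", "modifiedTime": "2020-08-10T14:30:00Z",
     "originalFilename": "Q3-report-v2.pdf", "mimeType": "application/pdf"},
    {"id": "3", "modifiedTime": "2020-08-20T23:15:00Z",
     "originalFilename": "update.exe", "mimeType": "application/x-msdownload"},
]

if __name__ == "__main__":
    for finding in audit_revisions("Q3-report.pdf", SAMPLE_REVISIONS):
        print(finding)
```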
The videos below demonstrate how this can work.
More hacking problems for Google Drive
Spear-phishing generally attempts to trick users into opening malicious attachments. It also gets users to click seemingly innocuous links, often providing confidential information in the process.
The links can also get users to unknowingly download malware. Google Drive’s file update feature attempts to make it simpler to update shared files. It does this by allowing users to update a file without changing its link.
The problem is that this offers users no validation of what has happened. Speculation suggests that hackers could use this weakness to mount whaling attacks. This is where cyber-gangs pose as senior management to obtain access to computer systems for criminal purposes.
No evidence currently exists that hackers have exploited this weakness in the real world. However, it would not be difficult for them to do so.
Google Drive has been a vehicle for malware attacks in the past, and this means it may continue to be in the future. Earlier last year, a group conducted a phishing campaign on Google Drive to download a password stealer.
With hackers stepping up their game, it is important to remain on guard for anything that looks suspicious. Hopefully, Google will do something to combat this weakness, as it is currently all too easy for hackers to exploit Google Drive for their own gain.