Dropbox, Google Drive, SkyDrive sync malware too, finds new research

New research has pointed out that if a computer with Dropbox functionality is broken into, the inherent syncing feature allows any malware to pass through to other machines.

New research has pointed out that if a computer with Dropbox functionality is broken into, the inherent syncing feature can allow any malware to reach other machines which are synced on the same network. In fact, it has become a reason for worry not only for those using Dropbox, but also for those others on services like SkyDrive, Google Drive, SugarSync, and Amazon Cloud Drive. 

 

MIT Technology Review has quoted Jacob Williams, a digital forensic scientist at CSR Group as saying, "People don’t consider that once you have Dropbox configured, anything you put in the synchronization folder gets a free pass through the firewall." Williams added that they tested this on several services, only to find that data goes right through the firewall. 

Dropbox, Google Drive, SkyDrive sync malware too, finds new research

Syncs malware

 

 

It was all uncovered when Williams was asked by a client to test the security of a corporate network. First he obtained a personal e-mail id for the CIO and managed to successfully launch a spear-phishing attack when the CIO clicked on a malware-ridden attachment. When the CIO was away from the office with his laptop, Williams could even access the computer and found corporate documents in a Dropbox synchronisation folder. Williams managed to access everything on this machine - passwords, personal photos, et al. 

 

The most important part was that Williams could use Dropbox and its syncing abilities to upload a malicious file that would appear in folders inside the corporate network. To that end, he wrote a malicious file called DropSmack and infected an existing file inside the CIO’s Dropbox folder. When the CIO opened the file next, the malicious file allowed malicious commands to be sent inside the corporate network via files synced by Dropbox. Williams went ahead and tried the same procedure with other popular cloud-storage syncing services. 

 

Williams added, “I can’t imagine someone somewhere hasn’t been using it for actual attacks. It’s nearly impossible to detect with current tools, so we don’t know. Data loss prevention tools have a really hard time with Dropbox and the like. They really fail at protecting these services.” 

Find our entire collection of stories, in-depth analysis, live updates, videos & more on Chandrayaan 2 Moon Mission on our dedicated #Chandrayaan2TheMoon domain.

Loading...




also see

science