A feature in Google Drive can be used to spread malware. As far as is known, Google has not yet done anything about the security gap and probably has no plans to do so, so users should be particularly careful.
Attackers can use Google Drive's version management to smuggle in malware and get a victim to install it. The weak point is a design problem and, according to the first assessments, could easily be fixed. But Google knows about the loophole and has not done anything yet.
Google knows, but doesn’t change anything
Hacker News reports that an informant by the name of A. Nikoci explained the details of the vulnerability to them. A. Nikoci is a system administrator and reported the vulnerability to Google. The still unpatched security hole in Google Drive can be exploited by malware attackers to distribute malicious files.
Version management makes it easy for attackers to disguise their malicious code as legitimate documents or images. The problem is that Google Drive’s versioning allows the user to upload different versions of a file without checking whether they are the same files. After uploading a legitimate photo file (in the example, a cat photo with the name cat.jpg), an attacker can upload a “new” version that is called cat.jpg.exe and contains an executable file.
If you look carefully, though, you will quickly recognize the attempted fraud from the different file extension. But if the attacker succeeds in distributing such files on a massive scale via Google Drive, the probability is high that someone will click on the .exe and get malware onto the PC.
Google could solve the problem if only the same file extensions were allowed in version management. It is not known to what extent cybercriminals are already exploiting the vulnerability. However, Hacker News states that the security gap opens the door to so-called spear-phishing campaigns.
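The extension check described above can also be run by an administrator over a file's version history. The following is an added example, not code from Google or from the report: it assumes each revision record carries an `id` and the uploaded name in `originalFilename` (field names modeled on Drive revision metadata), and the sample records are constructed from the article's cat.jpg case.

```python
import os

# Extensions Windows runs on double-click (constructed list, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".msi", ".js", ".vbs", ".ps1"}


def final_ext(name):
    """Return the last extension, lower-cased, ignoring trailing dots and spaces."""
    return os.path.splitext(name.strip().rstrip(". "))[1].lower()


def audit_revisions(current_name, revisions):
    """Flag revisions whose uploaded name does not match the file's extension.

    revisions: list of dicts with 'id' and 'originalFilename' (assumed shape).
    Returns a list of (revision_id, uploaded_name, reasons).
    """
    expected = final_ext(current_name)
    findings = []
    for rev in revisions:
        uploaded = rev.get("originalFilename") or ""
        ext = final_ext(uploaded)
        reasons = []
        if ext != expected:
            reasons.append(f"extension {ext or '(none)'} differs from {expected or '(none)'}")
        if ext in EXECUTABLE_EXTS:
            reasons.append("executable extension")
        # cat.jpg.exe: the inner extension mimics the type the user expects.
        stem = os.path.splitext(uploaded.strip().rstrip(". "))[0]
        if expected and ext != expected and final_ext(stem) == expected:
            reasons.append("double extension hides real type")
        if reasons:
            findings.append((rev.get("id"), uploaded, reasons))
    return findings


# Constructed sample data mirroring the article's cat.jpg example.
SAMPLE_REVISIONS = [
    {"id": "rev-1", "originalFilename": "cat.jpg"},
    {"id": "rev-2", "originalFilename": "cat.JPG"},
    {"id": "rev-3", "originalFilename": "cat.jpg.exe"},
]

if __name__ == "__main__":
    for rev_id, name, reasons in audit_revisions("cat.jpg", SAMPLE_REVISIONS):
        print(rev_id, name, "; ".join(reasons))
```

Only the third constructed revision is reported, with all three reasons attached; a case-only difference such as cat.JPG is not flagged.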