Google Apps Script Allowed Malicious Hackers to Automate Malware Downloads

SHARE:

Google Apps Script Allowed Malicious Hackers to Automate Malware Downloads


Proofpoint Reseachers have discovered that Google Apps Script allowed hackers to automatically download malware uploaded on Google Drive to victums targeted devices.

Since the discovery of this vulnerability to Google, the company has added a specific restricitions on certain Apps scripts that could be abused. Google blocks both installable triggers customizable occasions that cause certain events to happen automatically.

However, the proof of concept ProofPoint was provied to Google. The exploit begun by uploading malicious files and malware executables on Google Drive to which attack could create a public link. Hacker could later share an arbitrary Google Doc to be used as a lure and vehicle for a Google Apps Script that delvers the shared malware. While Proofpoint reseachers frequently observe Google Docs phishing and malware distribution via links to Google Drive URLS.

Google has now imposed new restrictions on simple triggers to block phishing and malware distribution attempts that triggered by opening a doc.


Advertisement
Advertisement
Advertisement
Name

Aiobuy Dark Web Market,1,American Hackers,1,Android Malware,1,BIOS,1,Bitcoin,3,BitLocker Password,1,Blackberry,1,Botnet,3,British Hacker Jailed,1,Bypass BIOS and BitLocker,1,Chinese Hackers,1,CoinHive,2,Computer Network,1,Crypter,1,Cryptocurrency,5,CryptoMiner,4,Cyber Attack,3,Cyber Warfare,1,Cybercrime,6,Cybercriminal,3,Cybersecurity,2,Data Theft,2,DDoS,2,Denial of Service Attack,1,Department of Homeland Security,1,F-Secure,1,F5 Network,1,Fancy Bear,1,FBI,2,Federal Bureau of Investigation,3,Federal Investigation Agency FIA,1,Flaw,1,Foreign Intelligence Surveillance Act,1,Google,2,Google Apps Script,1,Google Drive,1,Hacker Arrested,2,Hackers,2,Hacktivist,1,Hancock Health Hospital,1,Hospital,1,Infy Group,1,Intel Active Management Technology,1,Intel AMT,1,Intelligence Agencies,3,Internet of Things,1,Internet Scam,1,Irani Hackers,1,Israeli Defense Ministry,1,Israeli Government,1,JBoss Exploit,1,Kaspersky Labs,1,Kronos,1,Laptop,1,Linux,2,Malware,8,Meltdow,1,Monero Crypto,1,Money Fraud,3,NASA,1,National Security Agency,2,Network,1,Network Security,1,NSA,1,OnePlus Credit Card Breach,1,Online Payment System,1,Oracle Micros POS,1,Pakistan Police,1,Palo Alto Network,1,PayPal,1,Phishing Attacks,1,Pokemon,1,Proofpoint,1,PyCryptoMiner,1,Ransomware,2,Remote Access Trojan Tool,1,Russian Hacking Group,2,SamSam Ransomware,2,Section 702,1,Security,2,Security Breach,1,Security Features,1,Security Researcher,2,Security Vulnerability,1,SkyGoFree,1,Skype,1,Smartphones,1,Spectre,1,State Sponsor Cyber Attack,1,Surveillance,2,Unauthorized Computer Access,3,Unidentified Hacker,4,United State Government,4,US Army,1,US Department of Defense,2,Vulnerability,1,WannaCry,1,Whatsapp,1,Wi-Fi,1,Wi-Fi Protected Access WPA3,1,Windows,1,WPA2,1,WPA3,1,YouTube,1,Zero-Day Exploits,1,
ltr
item
Fishy Security Lab Blog | Information Security News Blog: Google Apps Script Allowed Malicious Hackers to Automate Malware Downloads
Google Apps Script Allowed Malicious Hackers to Automate Malware Downloads
Google Apps Script Allowed Malicious Hackers to Automate Malware Downloads
https://kissflow.com/wp-content/uploads/2016/08/google-apps-script.jpg
Fishy Security Lab Blog | Information Security News Blog
https://blog.fishyseclab.com/2018/01/google-apps-script-abused-by-malicious-hackers.html
https://blog.fishyseclab.com/
https://blog.fishyseclab.com/
https://blog.fishyseclab.com/2018/01/google-apps-script-abused-by-malicious-hackers.html
true
4151341886699971489
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy