Google Drive has suffered a phishing attack using JavaScript code, and websites very dubious sources, which have been used to steal user account credentials using Google services such as Gmail.
Researchers Elastica technology company, explained that the hackers used JavaScript code to hack the code of the web of Google Drive. In addition to using false credentials SSL pay to access Google services.
The attackers were able to reach a large number of users by exploiting Google Drive, staying malicious websites, which were directed to the victims of the attack.
Google Drive suffers a phishing attack
Hackers used Gmail to distribute emails with links to unauthorized and websites hosted on Google Drive. In this way, they managed to steal credentials by a third-party domain. Although he made known to Google the existence of these malicious pages, still they have not been eliminated.
Aditya K Sood he said, architect laboratory threats Elastica cloud …
It is a timely incident, people who carried out the attack were able to bypass security checks and redirected Google users to get access to a multitude of services related to Google accounts of victims
It is true that all the tools that currently exist in the cloud, as in the case of Google Drive, benefits have not for years could have imagined. It is a challenge to get this model meet high levels of safety. Since in part, this service is supported by confidence in the. If we did not consider Google Drive sure there Who would keep your information?
Google Drive uses SSL encryption as standard safety method for detecting and blacklisting IPs intrusion. But in this case, it was found that this protection was not effective.
Rehan Jalil, CEO of Elastica said these issues will likely continue to appear in the future as the use of Cloud pureed. According to Jalil said …
Professionals who are dedicated to safety, are quickly learning that traditional security methods are no longer effective tools hosted in the cloud
In addition, this news comes the same week that Google announced it would allow users to connect their own encryption technologies in their cloud platform.
You have an account of Google Drive? Do you usually use ?. If so, take an interest in the safety of your files and do not reveal your credentials to anyone, not through any email.