The year has been really bad for the digital security sector as a number of hacking attempts to major platforms were discovered one after the other. Hacking of social media accounts to the leak of user data for millions of users, this year has seen it all. Now it seems that even the Google ecosystem is not untouched by the same. If you are working and relying totally on the Google ecosystem, then this might not be good news for you.
The last few months have been a boom for Google services as people have been using the online tools to work from home and share their work experience. Google even decided to provide Google Meet for free during the pandemic, which was a paid service in GSuite. With the increase in the number of users and active engagement for Google services, it came as a perfect opportunity for hackers to steal the data and create havoc among all. Security researchers have found that a bug in Google Drive can be used to swap out the legitimate files with malicious ones.
The bug is majorly a threat for people who are currently working from home in the time of the pandemic. The bug was discovered by A. Nikoci, who claims that the bug is caused by Google Drive’s failure to check different versions of files stored on the cloud. It allows the hackers to swap normal files in favor of malicious ones and it cannot be detected as Google drive will read it as an updated version. Google drive also does not detect whether the file replaced is the same type or not, making it easier for hackers to replace any type of file.
The issue has been notified to Google, but as of now, the bug remains unresolved. Until then the users need to be aware of any unexpected changes to their Google drive. Do not run or open a file from the Drive if you do not recognize it.