IT security researchers have discovered ways through file-sharing services such as Dropbox to penetrate the security mechanisms of Companies -., and to spread malicious software into their intranets
For many file sharing is now online for everyday life as well as e-mail or social networks. Top dog among the filesharing services is Dropbox with 175 million users, thanks to its extreme user-friendliness which many competitors not manage that. But now, security experts warn that the synchronization of their own dropbox opens a new gateway to the cloud of the company from San Francisco, the spread of malicious software. Everything you pack in the Dropbox folder could happen on other computers firewalls loose, says Jacob Williams, digital forensics CSR Group. “We have tested several times, and the data come directly through the firewall.”
Not just Dropbox, but Google Drive, SkyDrive, SugarSync, and Amazon Cloud Drive are affected by the problem, according to Williams. “It’s like with e-mail in the nineties, we wanted to have and also got spam, Trojans and other malicious software.” So far, there are no tools to investigate file-sharing services on the spread of malware through, so Williams . With Dropbox did not want to even comment on the issue. The findings on Dropbox and other file-sharing services are only the latest in a long list of safety problems with cloud services. “With the increasing use of cloud services, we will see attacks on them again and again, until such time as the platforms mature,” says Radu Sion, computer and IT security researchers at Stony Brook University. “Where the attack does not apply here Dropbox itself, but its use. Dropbox has opened a way to get infected documents through corporate firewalls. “If it were a well thought out combination of existing vulnerabilities. Williams came across the problem when a customer asked him the security of a corporate network to test. In a first step, he said, the CIO of the company with an email containing a document with malware in the Appendix. With which he was later to gain access to the computer and found the manager’s first company documents in the Dropbox! folder. Williams then placed an infected file in the folder that spread through the synchronization of file-sharing service through the company intranet. Next, he constructed an attack tool called Drops Mack. It was used to infect an already existing Dropbox folder in the file manager. As the CIO of the file öffente later, he allowed Mack Drops order to perform attacks on the intranet – including the theft of files from the network. Williams tested the method on other filesharing services. Although not yet become aware of such attacks. “But I can not imagine that no one has used this method somewhere,” Williams says. “With the current software tools is virtually impossible to find, so we know nothing about it.” Data theft using Dropbox is hardly get at with the usual defense programs. Other researchers recently succeeded, the code of the Dropbox client program – which runs on a user’s computer – to crack. “This was an easy task,” said Przemyslaw Wegrzyn code Painters, a Polish IT security company from Wroclaw. The protection of the code was pretty simple. “Applying it to reverse engineering, can figure out how the client program communicates what security mechanisms it contains and at what level you can attack it.” Publications:Jake Williams “Post Exploitation Operations with cloud synchronization services” presentation at the Black Hat Conference 2013
Dhiru Kholia & Przemyslaw Wegrzyn. “Looking inside the (drop) box” , published by Usenix ( David Talbot ) / <. <- - AUTHOR DATA MARKER BEGIN>! – RSPEAK_STOP -> (nbo)
<- RSPEAK_START -> <- AUTHOR-DATA-END-MARKER - ! ->
<- googleoff: all ->
