Hacker discovers how Google Drive documents are hacked and get R $ 16,000 – Olhar Digital

Hacker discovers how Google Drive documents are hacked and get R $ 16,000 - Olhar Digital

Google
unsplash

Google had a serious security breach

Security researcher Shriram KL discovered a flaw Google document
That one can give Hacker
Access to the contents of documents stored in the service.

The drawback was the “Send Feedback” tool (located in the Portuguese version of the docs “to help improve Google Docs”), which suggests users to improve or report. Google
Problems in the text editor. This tool has the option of sending it with a comment, a screenshot of the currently open document.

According to Shriram KL, the flaw in Google Docs is a means of redirecting the data, which makes this screenshot to another domain, which it controls, to “steal” the image that Google’s servers should be sent. The video below shows the flow of the attack:

Explore this flaw in Google document
This requires user interaction and the stolen data is limited to the part of the document that currently appears on the screen, meaning this is a very specific thing. But still, it is a risk Display of personal information
. And we must remember Hackers
It is good to walk the prey directly into a trap.

The defect, which was reported in July and recently corrected, earned the researcher US $ 3,133.70 (approximately R $ 16.4 thousand) as part of the rewards program. Google
, Which encourages researchers to search and report security holes
In the company’s products.

READ  Following the controversy, WhatsApp postponed the introduction of new terms of service
Raven Weber

About the author: Raven Weber

Musicaholic. Unapologetic alcohol maven. Social media expert. Award-winning coffee evangelist. Typical thinker.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *