Written By Om Gupta
Google Workspace deficiency allows untraceable data theft from Google Drive
According to researchers from Mitiga Security, once a malicious user has accessed the organisation's Google Drive, they can take action without being recorded.
Edited By: Om Gupta | Published By: Om Gupta | Published: Jun 05, 2023, 08:38 PM (IST)
Highlights
- Google Workspace users without a paid enterprise licence are only the affected ones.
- The bug enables hackers to exfiltrate data in Google Drive without any trace.
- The experts also notified Google of its findings, but the company is yet to respond.
Cybersecurity researchers have discovered a significant forensic security deficiency in Google Workspace that enables a hacker to exfiltrate data in Google Drive without any trace. 
Also Read: Pixel 9a gets Rs 10,000 price cut just before Pixel 10a launch: How to grab the deal
According to researchers from Mitiga Security, once a malicious user inside has accessed the organisation’s Google Drive, they can take action without being recorded at all. Also Read: Google Meet makes presentations easier with new feature
This flaw affects only users who do not have a paid enterprise licence for Google Workspace. Also Read: Found your personal info on Google? New tool helps you remove deepfakes faster
Users who do not have a paid Google Workspace licence have their private drive actions left undocumented.
Hackers can disable logging and recording by cancelling their paid licence and switching to the free “Cloud Identity Free” licence.
This enables threat actors to exfiltrate files without leaving any trace, save for the indication that a paid licence was revoked, which is visible to administrators.
“A threat actor who gains access to an admin user can revoke the user’s license, download all their private files, and reassign the license,” the researchers said.
The experts also notified Google of its findings, who is yet to respond.
Meanwhile, hackers are targeting iPhones with previously unknown malware, via iMessage to, gain complete control over the iOS device and spy on users.
Cybersecurity company Kaspersky discovered the mobile Advanced Persistent Threat (APT) campaign targeting iOS devices with previously unknown malware.
Dubbed as ‘Operation Triangulation’, the ongoing campaign distributes zero-click exploits via iMessage to run malware gaining complete control over the device and user data, with the final goal to “hiddenly spy on users”.
–IANS
Update:
Add Techlusive as a Preferred Source
In a reply send to Techlusive, Google said, “Important to note that this theoretical construction by the vendor includes no specific evidence of actual user impact. The types of organizations looking for the type of robust auditing referenced in this report, are generally already using Google Workspace enterprise licenses, which have extensive auditing capabilities. Users looking to add these advanced capabilities can sign up for Google Workspace Enterprise Essentials, which has a Starter Edition available that is free for up to 100 users.”
