A research paper recently published by Imperva suggests that major cloud services like Google Drive, Dropbox and Microsoft’s OneDrive are at risk of man-in-the-cloud (MITC) attacks.
They revealed that the risk is high because of the fact that the hackers can access content on the cloud without needing any usernames or passwords. The firm alerted cloud based businesses about this attack at the Black Hat security conference in Las Vegas.
According to Imperva, all a hacker would have to do to access a user’s content, is to gain access to their authentication token, which is in a unique log-in file. Once they have access to that, they can inject malware, ransomware or anything they would like to exploit from the content.
To get access to that unique log-in file, the hackers exploit a vulnerability in the browser plug-ins. They send a malicious email with a tool named Switcher attached in that email to exploit that plug-in vulnerability.
The worst part about this attack, is that the user might not even notice that their account has been compromised. The only way to get rid of the attacker, is by deleting that account entirely because regardless of a password change, the hacker would still have access to your account.
In the published report, the firm said that, “From an attacker’s point of view, there are advantages in using this technique. Malicious code is typically not left running on the machine, and the data flows outthrough a standard, encrypted channel. In the MITC attack, the attacker does not compromise explicit credentials.”