Malware is now using Google Docs to attack you


December 18, 2012

This news might be shocking to many but it is an unfortunate truth. Security researchers have discovered malware that can not only manipulate Google Docs but also attack computer systems of the users who have trusted Google with their document, spreadsheet and other file management. This is very unpleasant news to many loyal users of Google Docs who have trusted Google with all their business information.

What’s the story behind the Google Docs malware?

It all started when a few security experts found out about a specific malware,  Backdoor.Makadocs, which has the ability to manipulate the Google Drive Viewer feature to receive instructions from a real command and control server. To be more precise, this malware actually uses Google Docs as a bridge to communicate with attackers and hides the malicious traffic.

The Google Drive Viewer was developed to display a variety of file types from remote URLs directly in Google Docs. However, none of the developers ever thought of the possibility of malware that would use these features for destructive purposes. According to tech security experts, there is a new version of malware from the “Backdoor. Makadocs” family that can use the “Viewer” feature in Google Drive as a proxy for receiving instructions from a hacking command and control server.

Although there wasn’t any report of serious damage from this malware, it can still lead to serious problems in the future and businesses must review if Google Docs is still a viable way to store and work on confidential business information.

How does this malware work?

This specific malware is actually distributed through RTF or Microsoft Word documents. However, unlike many malware threats it doesn’t install itself automatically. Rather it tempts the users with an interesting title & content of the document and tricks them into clicking the file.

After this, the malware is ready to receive and execute commands sent from the Command and Control server by a hacker and steal vital information from the contaminated computers.

According to recent reports, this malware was actually targeted to Brazilian users and there wasn’t any sever infections reported due to this virus-like activity. However, the malware contains code which is able to identify whether a target PC has Windows Server 2012 or Windows 8 installed.

This raises concerns for many small business owners who have turned to Google Docs as a way to control costs versus other cloud-based solutions such as Microsoft Office365.  It is a big concern for many businesses and a threat that must be taken seriously.

Is your small business using Google docs? Need to speak with our professionals about the potential risks associated with using Google Docs or Gmail in your business? Call us and our professional IT security experts will help you make an informed decision on the best cloud service for your business.

We're Integris. We're always working to empower people through technology.

Keep reading

How to Choose an IT Consultant in Boulder, CO

Regardless of industry size or type, Boulder IT consultants play a massive role in the way companies in the Boulder area do business. While most companies may have their own in-house IT department, many of these departments are small and cannot handle all the...

7 Signs Your Denver Business Needs a Tech Update

Regardless of size or industry, technology is an essential part of every Denver business. That being said, technological improvements and advancements can develop quite quickly, leaving some businesses scrambling to keep up. While many businesses cite expenses in the...

Cybersecurity best practices for Boston Businesses

Securing your businesses sensitive data, networks, and devices is non-negotiable in the technologically-driven world we live in. Whether you are a small business or or corporation in Boston, it is imperative that you prioritize cybersecurity. It is no longer enough to...