{"id":176139,"date":"2023-11-16T09:23:44","date_gmt":"2023-11-16T15:23:44","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/11\/hackers-could-exploit-google-workspace-and-cloud-platform-for-ransomware-attacks"},"modified":"2023-11-16T09:23:44","modified_gmt":"2023-11-16T15:23:44","slug":"hackers-could-exploit-google-workspace-and-cloud-platform-for-ransomware-attacks","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/11\/hackers-could-exploit-google-workspace-and-cloud-platform-for-ransomware-attacks","title":{"rendered":"Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/hackers-could-exploit-google-workspace-and-cloud-platform-for-ransomware-attacks.jpg\"><\/a><\/p>\n<p>A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks.<\/p>\n<p>\u201cStarting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with <a href=\"https:\/\/support.google.com\/a\/answer\/9541083?hl=en\" rel=\"noopener\" target=\"_blank\">GCPW<\/a> installed, gain access to the cloud platform with custom permissions, or decrypt locally stored passwords to continue their attack beyond the Google ecosystem,\u201d Martin Zugec, technical solutions director at Bitdefender, <a href=\"https:\/\/www.bitdefender.com\/blog\/businessinsights\/the-chain-reaction-new-methods-for-extending-local-breaches-in-google-workspace\/\" rel=\"noopener\" target=\"_blank\">said<\/a> in a new report.<\/p>\n<p>A prerequisite for these attacks is that the bad actor has already gained access to a local machine through other means, prompting Google to mark the bug as <a href=\"https:\/\/bugs.chromium.org\/p\/chromium\/issues\/detail?id=1420209\" rel=\"noopener\" target=\"_blank\">not eligible for fixing<\/a> \u201csince it\u2019s outside of our threat model and the behavior is in line with Chrome\u2019s practices of storing local data.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. \u201cStarting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with [\u2026]<\/p>\n","protected":false},"author":662,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,34],"tags":[],"class_list":["post-176139","post","type-post","status-publish","format-standard","hentry","category-biotech-medical","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/176139","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/662"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=176139"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/176139\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=176139"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=176139"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=176139"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}