Not long ago, a new computer virus appeared and attacked users around the World. Not WannaCry (extortion virus) but a type of malicious code, spreading through Google Docs and making Google itself helpless , watching its brand be taken advantage of as an effective tool, aiding the bad guys.
It's impossible to pinpoint, but the virus was called by the method it used to attack the victim, the Google Docs virus. Specifically, when it has penetrated into any computer, it will automatically compose an email and send it to friends and acquaintances in the victim's list with the content it wants to share with you a document file. there. The trick may not seem too new, but the thing is that this virus will ask you to log in to your Google account, then the familiar Google OAuth authentication website will appear with a request for a password. access and force the user to agree to continue.
Google can't help but see it as a tool to spread viruses
Real and fake email illustrations
This virus is considered dangerous and sophisticated not only in that it comes from the address of someone you know. But also because it can accurately use every word of a standard email, even the biggest trap (the Open button ) is perfectly designed and lifelike, making users no matter how observant. also hard to detect.
In addition, as soon as you click the Open button to confirm the file share, the victim will be taken to a website that grants OAuth access (also from Google). The interface, the presentation, the words, the avatar... everything is so perfect it's unbelievable. Make no one doubt.
The only way to detect this is a phishing tool is to left-click on the downward arrow icon in the section Google Docs would like to , because it will now show you some information related to the source of this site, and that could be anything, except Google.
The only way to recognize the virus but almost no one knows and pays attention to this feature
As the images in the article, we can see that it is an email address named [email protected] .
This can be considered a major security flaw of Google, because its applications and software always use the Google OAuth authentication page, so it is very easy for bad guys to take advantage of attacks. However, there is an easy way to find out, that the development source of this page always has the extension @google.com .
At the same time, instead of directing the victim to a Google website, the virus will try to direct the victim to a fake website with a similar interface ( googledoc.g-docs.pro ).
Google still can't solve this problem for users
Another problem that Google also needs to consider, is that companies have limited control over the virus attached to Google's infrastructure. Instead of taking control, they will direct the user to an error page and turn off the authentication request from OAuth. Although Google took steps to prevent it, with the short time it took to spread, the Google Docs virus got everything it needed from its victims.
Preventing Viruses Google Docs
Currently, Google has only announced that they have removed the offending accounts and fake websites, without mentioning the prevention or remedy for the victims, the only way that users still have to rely on, is to be vigilant. and do some simple methods below:
- Do not click on suspicious links, even if the sender of the email is your lover or boss.
- Enable two- factor authentication.
- Change your email account password and all other services. Then set up a really strong password with a combination of numbers, lowercase and uppercase characters.
- Disable access to your account. When you realize you've accidentally clicked on a link sent by a virus, immediately revoke the access granted to Google Docs by going to your Google account management homepage , then searching Google Docs and Remove the permissions that I have granted to this tool before.
- Another way that you can also apply, is right in the interface of your Gmail account, report fake email, email that you suspect to contain that virus to Google.
Until Google or security companies find a way to completely fix this problem, you should be careful what you suspect and try to be careful with every click of your mouse.