Need to see if your shared folder is taking up space on your dropbox 👨💻? Find out how to check here.
Forum Discussion
Hackers abusing Dropbox to access Gmail?!!!
Google Chrome is up-to-date
Versie 75.0.3770.100 (Officiële build) (32-bits)
I sent the Chrome team this 2 days ago and I also contacted API Support team...
Copy-paste:
Somehow the virus contained in this file [link removed by moderator] and this file [link removed by moderator] immediately broke out of my 360 TotalSecurity Sandbox and not only that, it started adding all my logged in gmail accounts to dropbox!!! IP History shows a browser used in Sweden. I have 2FA enabled for all gmail accounts (no mobile number) so it's beyond me how they can add my gmail accounts (even Apps for your Domain) to Dropbox (without Dropbox being able to find the account through password reset). I quickly noticed the file was not safe so I disconnected the internet and cleaned up (only 1 PuP file for some Russian mail app in AppData\Local). Yet within 20 seconds the damage was already done... ;-(
1. how can dropbox give gmail accounts access to non-existing accounts (I got almost a dozen notification emails from Google, they are legit),
2. how can a virus read my logged in gmail addresses (I don't store any passwords but I do use lastpass, which wasn't the leak because that contains many more gmail accounts that didn't get breached)?
3. Next to the dropbox warnings, I also got a password reset email from Bittrex crypto exchange... I made that account last week, with a non-existing email address (but catch-all of my domain)... How the frack did they get that email address that quickly?
4. WHAT INFORMATION IN MY Gmail CAN BE ACCESSED THROUGH DROPBOX???!!!
Luckily I investigated the Google Notifications on my Mobile phone and immediately changed all passwords... Yet I have no idea if my private information has been stolen already... Access to my gmail would be a hackers' paradise. So far, all is good BUT I have not forgotten the password reset request for my virgin Bittrex account...!
(end copy-paste)
I thought you should know to. I have ran Avast (it was installed), 360 TotalSecurity (with all engines enabled, even Avira's) and now also a Full working Demo version of Dr.Web (which did wonders on my Android phones) including a firewall. All is (reportedly) clean.
Kindly advise: especially question 4 (ALL CAPS) is important to ME. What's going on here??? How can hackers in Sweden use Dropbox with non-existing Dropbox accounts to access my gmail??? And WHAT can they access?
Regards
* actually, the downloaders itself are kind-of safe; the resulting download (an ISO file) contains the nasty piece of software that triggered all of Google's emails warning me about Dropbox access from Sweden (where I don't live).
11 Replies
Replies have been turned off for this discussion
- Daphne
Dropbox Community Moderator
Thanks for the additional info issue_goggle!
I'm afraid in this case, since there isn't a Dropbox account under that email address, I would suggest contacting Google Support for some further assistance.
Without knowing the Dropbox account, we have limited info on what exactly occurred. Google should have access to more info on this event to be able to clarify the situation further.
That being said, I was able to find this thread here from Google Support on how you can disconnect Dropbox through your Google account in the meantime.
Please do keep me updated with what you find!
Yeah Dropbox support, in the end, was an absolute waste of time and an utter joke: we don't know, please contact Google to get the answers you seek...
Sure... Thank you!
:(
Regarding forat question - email sender is Google with @accounts.google.com domain
Ablout signing in into dropbox seems that no account for my google email registered but in google account in recent events I see 'Dropbox connected to your account' notification (from location far from me)
- Daphne
Hey there issue_goggle, thanks for joining us here!
I'm sorry to hear about your situation, I'll try my best to assist you with this.
Firstly, can you just check that the email you received is from an official domain? When viewing the notification you mentioned in your email inbox, you can click the sender's name to see the exact email this was sent from. What do you see there?
Also, to connect a Dropbox account to your Google account, they need to be under the same email address. Can you try signing into Dropbox with your Google email address? You can request a password reset to access the account if you need to.
Let me know what you find and we'll take it from there!
Hi,
want to know your reply as far as had same issue and hacking attamt to my google account described above.
Absolutely same situation and recived notification email about 'Dropbox was granted access to your Google Account' and i do not have dropbox account at all.
As far as you didn't reply here need to ask to reply for myself as well
Thanks
- Daphne
Weird! I'm pretty sure I already replied... Yeah, sure, you may contact me.
:)
- Daphne
Q: "Were the notifications you received about getting started and verifying the email address?"
No. No sign-up emails were received, just the above ones. A password reset for the compromised email addresses for which I got the Google warnings, did not get a password reset email from Dropbox. Google Account activity clearly shows activity from a browser session in Sweden, on ALL affected accounts.
Dropbox connected to your accountJune 28, 2019 at 1:17 PMDropbox was granted permission to connect to your Google AccountDevice: Time: June 28, 1:17 PM Location: Sweden IP address: 185.236.42.111 
Approximate location (may include nearby towns)Email sent by Google:
Dropbox was granted access to your Google Accountemail-address@gmail.com
If you did not grant access, you should check this activity and secure your account.You received this email to let you know about important changes to your Google Account and services.© 2019 Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
