Announcements
Known issues updated. Learn more

default

no

Highlighted

Hackers abusing Dropbox to access Gmail?!!!

Explorer | Level 3

Google Chrome is up-to-date
Versie 75.0.3770.100 (Officiële build) (32-bits)
I sent the Chrome team this 2 days ago and I also contacted API Support team...


Copy-paste:

Somehow the virus contained in this file [link removed by moderator] and this file [link removed by moderator]  immediately broke out of my 360 TotalSecurity Sandbox and not only that, it started adding all my logged in gmail accounts to dropbox!!! IP History shows a browser used in Sweden. I have 2FA enabled for all gmail accounts (no mobile number) so it's beyond me how they can add my gmail accounts (even Apps for your Domain) to Dropbox (without Dropbox being able to find the account through password reset). I quickly noticed the file was not safe so I disconnected the internet and cleaned up (only 1 PuP file for some Russian mail app in AppData\Local). Yet within 20 seconds the damage was already done... crying face

1. how can dropbox give gmail accounts access to non-existing accounts (I got almost a dozen notification emails from Google, they are legit),
2. how can a virus read my logged in gmail addresses (I don't store any passwords but I do use lastpass, which wasn't the leak because that contains many more gmail accounts that didn't get breached)?
3. Next to the dropbox warnings, I also got a password reset email from Bittrex crypto exchange... I made that account last week, with a non-existing email address (but catch-all of my domain)... How the frack did they get that email address that quickly?
4. WHAT INFORMATION IN MY Gmail CAN BE ACCESSED THROUGH DROPBOX???!!!

Luckily I investigated the Google Notifications on my Mobile phone and immediately changed all passwords... Yet I have no idea if my private information has been stolen already... Access to my gmail would be a hackers' paradise. So far, all is good BUT I have not forgotten the password reset request for my virgin Bittrex account...!

(end copy-paste)

I thought you should know to. I have ran Avast (it was installed), 360 TotalSecurity (with all engines enabled, even Avira's) and now also a Full working Demo version of Dr.Web (which did wonders on my Android phones) including a firewall. All is (reportedly) clean.

Kindly advise: especially question 4 (ALL CAPS) is important to ME. What's going on here??? How can hackers in Sweden use Dropbox with non-existing Dropbox accounts to access my gmail??? And WHAT can they access?

Regards

 

* actually, the downloaders itself are kind-of safe; the resulting download (an ISO file) contains the nasty piece of software that triggered all of Google's emails warning me about Dropbox access from Sweden (where I don't live).

6 Replies

Re: Hackers abusing Dropbox to access Gmail?!!!

Dropboxer
Hey there @gebruikersnaam, I’m sorry to hear you experienced this!
 
Just to ensure that I understand the situation clearly, can you please clarify for me the role of Dropbox in this for me. From what I understood, Dropbox accounts were created with your Gmail email addresses, is that right?
 
When creating a Dropbox account, you can create it under any email address (so be careful of typos). However, to be able to use the features of Dropbox you will need access to the email address the account was created under to verify the account. Were the notifications you received about getting started and verifying the email address?
 
In terms of what Gmail info can be accessed through a Dropbox account, without verifying the account you wouldn’t be able to access anything. If the account had been verified and the Gmail account connected through the connected apps (which you would see from the account settings), then through Dropbox, contacts and calendars could be accessed. 
 
Essentially, it wouldn’t be possible to access your Gmail account by creating a Dropbox account under that email address.
 
I hope this hits the mark but please let me know if there is anything I’ve misunderstood or you would like some further clarification on. I’d be more than happy to assist you with this.
 
Thanks!



Daphne
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so, please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! 

Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Explorer | Level 3

Email sent by Google:

Dropbox was granted access to your Google Account
email-address@gmail.com

If you did not grant access, you should check this activity and secure your account.
 
You received this email to let you know about important changes to your Google Account and services.
Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Explorer | Level 3

Q: "Were the notifications you received about getting started and verifying the email address?"

No. No sign-up emails were received, just the above ones. A password reset for the compromised email addresses for which I got the Google warnings, did not get a password reset email from Dropbox. Google Account activity clearly shows activity from a browser session in Sweden, on ALL affected accounts.

 

 

Dropbox connected to your account
June 28, 2019 at 1:17 PM

 

Dropbox was granted permission to connect to your Google Account
Device:
 
Time:June 28, 1:17 PM
Location:Sweden
IP address:185.236.42.111
 
 
 
 
 

 

 
 
 
 
 
Map data ©2019
Approximate location (may include nearby towns)
Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Dropboxer
 
Thanks for providing that info for me. At this point, it would be best to continue this discussion over on our Support channel due to the nature of the issue. Would you mind if I reached out to the email address associated with your Community profile?
 
Let me know - Thanks!



Daphne
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so, please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! 

Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Explorer | Level 3

Weird! I'm pretty sure I already replied... Yeah, sure, you may contact me. 

slightly smiling face

Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Dropboxer
Upon going to reach out to your email address, I located your open ticket and I’ve followed up there @gebruikersnaam. Please check your inbox at your earliest convenience for my reply.
 
Cheers!



Daphne
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so, please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! 

Reply
Loading...
Manage Account

Have a question? Our Dropbox Community is here to help!

Post your question or search for an answer below.


Learn more about using the Community by reading our Community Guidelines.


Hi anonymous,

If you need more help you can log a ticket with our Support Team here (expected response time 24 hours), or contact us on Twitter or Facebook.

For more info on available support options, see this article.

If you found the answer to your question, please 'like' the post to say thanks to the user!

Hackers abusing Dropbox to access Gmail?!!!
341 Views
6 Replies
0 Likes
Who's talking
Top contributors to this post