Announcements
Do you have an idea for Dropbox Paper? Share it with us here!

default

no

Highlighted

Hackers abusing Dropbox to access Gmail?!!!

Explorer | Level 4

Google Chrome is up-to-date
Versie 75.0.3770.100 (Officiële build) (32-bits)
I sent the Chrome team this 2 days ago and I also contacted API Support team...


Copy-paste:

Somehow the virus contained in this file [link removed by moderator] and this file [link removed by moderator]  immediately broke out of my 360 TotalSecurity Sandbox and not only that, it started adding all my logged in gmail accounts to dropbox!!! IP History shows a browser used in Sweden. I have 2FA enabled for all gmail accounts (no mobile number) so it's beyond me how they can add my gmail accounts (even Apps for your Domain) to Dropbox (without Dropbox being able to find the account through password reset). I quickly noticed the file was not safe so I disconnected the internet and cleaned up (only 1 PuP file for some Russian mail app in AppData\Local). Yet within 20 seconds the damage was already done... crying face

1. how can dropbox give gmail accounts access to non-existing accounts (I got almost a dozen notification emails from Google, they are legit),
2. how can a virus read my logged in gmail addresses (I don't store any passwords but I do use lastpass, which wasn't the leak because that contains many more gmail accounts that didn't get breached)?
3. Next to the dropbox warnings, I also got a password reset email from Bittrex crypto exchange... I made that account last week, with a non-existing email address (but catch-all of my domain)... How the frack did they get that email address that quickly?
4. WHAT INFORMATION IN MY Gmail CAN BE ACCESSED THROUGH DROPBOX???!!!

Luckily I investigated the Google Notifications on my Mobile phone and immediately changed all passwords... Yet I have no idea if my private information has been stolen already... Access to my gmail would be a hackers' paradise. So far, all is good BUT I have not forgotten the password reset request for my virgin Bittrex account...!

(end copy-paste)

I thought you should know to. I have ran Avast (it was installed), 360 TotalSecurity (with all engines enabled, even Avira's) and now also a Full working Demo version of Dr.Web (which did wonders on my Android phones) including a firewall. All is (reportedly) clean.

Kindly advise: especially question 4 (ALL CAPS) is important to ME. What's going on here??? How can hackers in Sweden use Dropbox with non-existing Dropbox accounts to access my gmail??? And WHAT can they access?

Regards

 

* actually, the downloaders itself are kind-of safe; the resulting download (an ISO file) contains the nasty piece of software that triggered all of Google's emails warning me about Dropbox access from Sweden (where I don't live).

11 Replies

Re: Hackers abusing Dropbox to access Gmail?!!!

Dropboxer
Hey there @gebruikersnaam, I’m sorry to hear you experienced this!
 
Just to ensure that I understand the situation clearly, can you please clarify for me the role of Dropbox in this for me. From what I understood, Dropbox accounts were created with your Gmail email addresses, is that right?
 
When creating a Dropbox account, you can create it under any email address (so be careful of typos). However, to be able to use the features of Dropbox you will need access to the email address the account was created under to verify the account. Were the notifications you received about getting started and verifying the email address?
 
In terms of what Gmail info can be accessed through a Dropbox account, without verifying the account you wouldn’t be able to access anything. If the account had been verified and the Gmail account connected through the connected apps (which you would see from the account settings), then through Dropbox, contacts and calendars could be accessed. 
 
Essentially, it wouldn’t be possible to access your Gmail account by creating a Dropbox account under that email address.
 
I hope this hits the mark but please let me know if there is anything I’ve misunderstood or you would like some further clarification on. I’d be more than happy to assist you with this.
 
Thanks!

Daphne
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so, please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! (
Questions asked in the community will likely receive an answer within 4 hours!)

Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Explorer | Level 4

Email sent by Google:

Dropbox was granted access to your Google Account
email-address@gmail.com

If you did not grant access, you should check this activity and secure your account.
 
You received this email to let you know about important changes to your Google Account and services.
Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Explorer | Level 4

Q: "Were the notifications you received about getting started and verifying the email address?"

No. No sign-up emails were received, just the above ones. A password reset for the compromised email addresses for which I got the Google warnings, did not get a password reset email from Dropbox. Google Account activity clearly shows activity from a browser session in Sweden, on ALL affected accounts.

 

 

Dropbox connected to your account
June 28, 2019 at 1:17 PM

 

Dropbox was granted permission to connect to your Google Account
Device:
 
Time:June 28, 1:17 PM
Location:Sweden
IP address:185.236.42.111
 
 
 
 
 

 

 
 
 
 
 
Map data ©2019
Approximate location (may include nearby towns)
Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Dropboxer
 
Thanks for providing that info for me. At this point, it would be best to continue this discussion over on our Support channel due to the nature of the issue. Would you mind if I reached out to the email address associated with your Community profile?
 
Let me know - Thanks!

Daphne
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so, please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! (
Questions asked in the community will likely receive an answer within 4 hours!)

Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Explorer | Level 4

Weird! I'm pretty sure I already replied... Yeah, sure, you may contact me. 

slightly smiling face

Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Dropboxer
Upon going to reach out to your email address, I located your open ticket and I’ve followed up there @gebruikersnaam. Please check your inbox at your earliest convenience for my reply.
 
Cheers!

Daphne
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so, please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! (
Questions asked in the community will likely receive an answer within 4 hours!)

Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

New member | Level 2

Hi,

want to know your reply as far as had same issue and hacking attamt to my google account described above. 

Absolutely same situation and recived notification email about 'Dropbox was granted access to your Google Account' and i do not have dropbox account at all.

As far as you didn't reply here need to ask to reply for myself as well

Thanks 

Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

Dropboxer

Hey there @issue_google, thanks for joining us here!

I'm sorry to hear about your situation, I'll try my best to assist you with this.

Firstly, can you just check that the email you received is from an official domain? When viewing the notification you mentioned in your email inbox, you can click the sender's name to see the exact email this was sent from. What do you see there?

Also, to connect a Dropbox account to your Google account, they need to be under the same email address. Can you try signing into Dropbox with your Google email address? You can request a password reset to access the account if you need to.

Let me know what you find and we'll take it from there!


Daphne
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so, please give it a Like below. 
White check mark Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.
Arrows Counter Clock Still stuck? Ask me a question! (
Questions asked in the community will likely receive an answer within 4 hours!)

Reply
Loading...

Re: Hackers abusing Dropbox to access Gmail?!!!

New member | Level 2

Regarding forat question - email sender is Google  with @accounts.google.com domain

Ablout signing in into dropbox seems that no account for my google email registered but in google account in recent events I see 'Dropbox connected to your account' notification (from location far from me)

Reply
Loading...
Manage Account

Have a question? Our Dropbox Community is here to help!

Post your question or search for an answer below.


Learn more about using the Community by reading our Community Guidelines.


Hi anonymous,

If you need more help you can log a ticket with our Support Team here (expected response time 24 hours), or contact us on Twitter or Facebook.

For more info on available support options, see this article.

If you found the answer to your question, please 'like' the post to say thanks to the user!

Hackers abusing Dropbox to access Gmail?!!!
1,066 Views
11 Replies
2 Likes
Looking for Dropbox Paper users
Do you use Dropbox Paper?

If so, we're starting a design feedback group and we'd love for you to be a part of it. We have paid feedback opportunities - both in person and remotely - for English speaking users based in the US.

Interested? Take the short survey to let us know.

Take the survey
Who's talking
Top contributors to this post