I was perusing the seminar briefing website from this year’s Black Hat EU, fishing for potential article topics, when I came across a briefing note titled “DropSmack: How cloud synchronization services render your corporate firewall worthless.” Feeling a nibble, I read the briefing. Right away, I knew I had hooked a keeper:
“The contributions of this presentation are threefold. First, we show how cloud-based synchronization solutions in general, and Dropbox in particular, can be used as a vector for delivering malware to an internal network.”
The other two contributions were just as eye-opening:
Show how the Dropbox synchronization service can be used as a Command and Control (C2) channel.
Demonstrate how functioning malware is able to use Dropbox to smuggle out data from exploited remote computers.