Friday, May 5, 2017

Attackers Unleash OAuth Worm via 'Google Docs' App

From DataBreach Today:

Attackers Unleash OAuth Worm via 'Google Docs' App

"A malicious app named "Google Docs" by attackers has been making the rounds, attempting to trick Google users into logging in and giving the app access permissions to their account.

The phishing campaign began with an email to victims from an address they likely would have recognized, according to multiple analyses of the attack that have now been posted online by security researchers. But the campaign quickly turned into a worm, as users authorized the bogus app in droves, allowing it to spread to their own contacts."

No comments:

Post a Comment