Software developer duo hack Dropbox

closeThis article could be out of date, as it was published 11 months 27 days ago.

Two software developers have reportedly hacked cloud-bases storage provider Dropbox, a move the company is dismissing as “ineffective.”

Bypassing its two-factor authentication, a paper published on usenix.org entitled ‘Looking inside the (Drop) box’, has claimed responsibility for the breach.

“In spite of its widespread popularity, we believe that Dropbox as a platform hasn’t
been analyzed extensively enough from a security standpoint,” wrote developers, Dhiru Kholia and Przemyslaw Wegrzyn.

“We describe a method to bypass Dropbox’s two factor authentication and hijack
Dropbox accounts.

“Additionally, generic techniques to intercept SSL data using code injection techniques and monkey patching are presented.

“We believe that our biggest contribution is to open up the Dropbox platform to further security analysis and research.”

In response to the breach, a Dropbox spokesperson told Computerworld:

“We appreciate the contributions of these researchers and everyone who helps keep Dropbox safe.

“In the case outlined here, the user’s computer would first need to have been compromised in such a way that it would leave the entire computer, not just the user’s Dropbox, open to attacks across the board.”

The website currently has over 100 million users who upload as man as a billion files per day.

Follow Us
on Google+
Sponsored

Review: ASUS DSL-N66U

NetGuide The ASUS DSL-N66U (no fancy names here) lands at about the same price as Netgear’s Nighthawk but is a hell of a lot less flashy and much more industrial – does this mean it works like a machine?   Read More →