Software developer duo hack Dropbox

closeThis article could be out of date, as it was published 1 year 1 month 20 days ago.

Two software developers have reportedly hacked cloud-bases storage provider Dropbox, a move the company is dismissing as “ineffective.”

Bypassing its two-factor authentication, a paper published on usenix.org entitled ‘Looking inside the (Drop) box’, has claimed responsibility for the breach.

“In spite of its widespread popularity, we believe that Dropbox as a platform hasn’t
been analyzed extensively enough from a security standpoint,” wrote developers, Dhiru Kholia and Przemyslaw Wegrzyn.

“We describe a method to bypass Dropbox’s two factor authentication and hijack
Dropbox accounts.

“Additionally, generic techniques to intercept SSL data using code injection techniques and monkey patching are presented.

“We believe that our biggest contribution is to open up the Dropbox platform to further security analysis and research.”

In response to the breach, a Dropbox spokesperson told Computerworld:

“We appreciate the contributions of these researchers and everyone who helps keep Dropbox safe.

“In the case outlined here, the user’s computer would first need to have been compromised in such a way that it would leave the entire computer, not just the user’s Dropbox, open to attacks across the board.”

The website currently has over 100 million users who upload as man as a billion files per day.

Follow Us
on Google+
Sponsored

Review: Rapoo 6610 Wireless Mouse

NetGuide Rapoo have released another mouse onto the market. The 6610 will work in pretty much any environment as it comes with Bluetooth 3.0 and a nano receiver which allows it to use a dongle (included) for non-Bluetooth machines.   Read More →