The HackerNews reported on a flaw found by a security researcher that took advantage of the manage versions revised document feature in GDRIVE. The researcher, Allison Husain, found that you can upload a revised malicious document that will replace the previous safe document and give it the same name and it retains the safe extension. So you could upload any kind of file and it would potentially look like the original PDF.
A hacker could send a malware laced spear phish from Google Drive. Potentially allowing for yet another effective cloud based spear phishing attack. Hopefully, Google will patch this one real fast. Google quickly patched another flaw today that allowed spoofing from GSuite which also could have allowed hackers to send out phish from spoofed Gmail accounts!
The article says:
“Google lets you change the file version without checking if it’s the same type,” Nikoci said. “They did not even force the same extension. Needless to say, the issue leaves the door open for highly effective spear-phishing campaigns that take advantage of the widespread prevalence of cloud services such as Google Drive to distribute malware.”