The required email authentication for Google Workspace recently contained a vulnerability that allowed hackers to bypass it, according to a security specialist. The tech giant has since fixed the vulnerability.
According to security specialist KrebsOnSecurity, the hackers took advantage of the free trial that Google Workspace offers for its separate services, like Google Docs. End users of Google Workspace revealed this information. Some other services, like Gmail, require Workspace users to have control over the domain names associated with their business email addresses and were therefore not exposed to this vulnerability.
Vulnerability in the validation process
The vulnerability lay precisely in this validation process. During the Google Workspace login process, hackers were able to bypass validation by using one email address to log in and a completely different email address to verify a token.
Once the email verification was confirmed, hackers could get a Google Workspace account in a company’s name to carry out malicious practices, for example seeking access to other providers’ services through Google’s single sign-on feature.
None of the affected domains is said to have been associated with Google Workspace and its services.
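The mismatch described above, where the address that logs in differs from the address whose token is verified, can be illustrated with an added example. This is not Google's code; the function names, the HMAC token format and the sample addresses are assumptions made for the illustration. It contrasts a check that trusts the address named in the request with one that only accepts a token for the address stored on the signup.

```python
import hashlib
import hmac
import secrets

KEY = secrets.token_bytes(32)  # demo-only server secret (assumption)


def _tag(email: str, nonce: str) -> str:
    return hmac.new(KEY, f"{email.lower()}|{nonce}".encode(), hashlib.sha256).hexdigest()


def issue_token(email: str) -> str:
    """Token the service would mail to `email` to prove control of that mailbox."""
    nonce = secrets.token_hex(8)
    return f"{nonce}.{_tag(email, nonce)}"


def token_valid_for(email: str, token: str) -> bool:
    nonce, _, tag = token.partition(".")
    return hmac.compare_digest(_tag(email, nonce).encode(), tag.encode())


def verify_unbound(signups: dict, signup_id: str, token_email: str, token: str) -> bool:
    """Flawed: the token is checked against an address taken from the request."""
    if token_valid_for(token_email, token):
        signups[signup_id]["verified"] = True  # signup's own address never compared
        return True
    return False


def verify_bound(signups: dict, signup_id: str, token: str) -> bool:
    """Hardened: the only address considered is the one stored on the signup."""
    record = signups.get(signup_id)
    if record and token_valid_for(record["email"], token):
        record["verified"] = True
        return True
    return False


def demo() -> dict:
    # Constructed sample data: one pending signup and two mailboxes.
    fresh = lambda: {"s1": {"email": "admin@corp.example", "verified": False}}
    other = issue_token("someone@other.example")  # token for a different mailbox
    own = issue_token("admin@corp.example")
    return {
        "unbound_accepts_mismatch": verify_unbound(fresh(), "s1", "someone@other.example", other),
        "bound_rejects_mismatch": not verify_bound(fresh(), "s1", other),
        "bound_accepts_match": verify_bound(fresh(), "s1", own),
    }
```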
Google’s response
In a response to end users of Google Workspace, the company says the problem was discovered in late June. Several thousand accounts were reportedly compromised in the process. Google fixed the vulnerability 72 hours after discovering it.
Some end users doubt that the vulnerability has been active only since June this year. In response to the KrebsOnSecurity posting, some readers indicate that they were affected as early as June or even in 2022 or 2023.