On November 1st, cloud storage behemoth Dropbox reported that attackers had successfully targeted some of their engineers, capturing credentials for the company’s account on GitHub. This gave the attackers access to the company’s source code for internal prototypes, as well as some of the tools used by Dropbox’s security team.
While users of all levels of sophistication are successfully tricked into providing credentials to phishing sites every day, the Dropbox case is notable for a couple of reasons. First, this attack was highly targeted and relatively sophisticated. The attackers identified a specific piece of software tied to GitHub that the Dropbox development team used and sent an email masquerading as the company that makes that software. Next, although Dropbox had systems in place to identify and quarantine phishing emails, those systems only blocked some of the emails while delivering others straight to users’ inboxes. ...read more!
