An odd spike in spam led some users of Dropbox to wonder if the service had suffered a breach. The incident came to light when users of the cloud-locker service discovered that e-mail addresses they had created uniquely for their Dropbox accounts received a sudden uptick in spam e-mails from various sources. This led to threads being posted in the Dropbox forums and speculation rising on sites such as Reddit.
Steve Ragan from SecurityWeek ran down the domains and advertisements that many of the spammers were using to target the Dropbox users in question:
InBoxes targeted by the spammer are seeing advertisements for EU Dice, Euro Gaming Palace, Premier Players Club, Vegas Virtual, SP Casino, and Best2day Support, and this is only a list of the most mentioned spammed topics.
Commenting on the reports, Cloudmark said that recent data from their Global Threat Network showed 364 different domains in use by this spammer. “Some of the domains point to an IP address shared with domains that have been seen by our system in prior spam campaigns as far back as 2008. So this is a long way from a new campaign,” the anti-spam company explained.
The incident occurred on Wednesday, and Dropbox has been quick to begin an investigation.
“We wanted to update everyone about spam being sent to email addresses associated with some Dropbox accounts. We continue to investigate and our security team is working hard on this. We’ve also brought in a team of outside experts to make sure we leave no stone unturned,” a Dropbox staffer said on the user forums.
“While we haven’t had any reports of unauthorized activity on Dropbox accounts, we’ve taken a number of precautionary steps and continue to work around the clock to make sure your information is safe. We’ll continue to provide updates.”
So far UK and EU users appear to have been hit the hardest.
Dropbox has been in the news over the years due to the quality of the security placed on files saved in their personal clouds via the service. For example, the FTC threatened an investigation into the service over expectations of privacy of user files, particularly because Dropbox employees have access to the encryption keys used to store the files in the cloud. And when the cloud-locker updated their Terms of Service in July 2011, it caused a row about how private user files are accessible or commutable by such services. Privacy and security in cloud-based file lockers and other services remain an evolving field of scrutiny and question.
However, the swift response from Dropbox in bringing in an outside source to determine whether the spam event is the result of a breach on their end feels heartening. It means that the cloud service is sensitive to customer concerns about the integrity of their files.