3 min learnNew DelhiFeb 8, 2026 02:55 PM IST
Safety researchers stated they’ve discovered two main vulnerabilities in Google’s enterprise intelligence platform, Looker, that would probably allow hackers to take over “complete methods” and “steal company secrets and techniques”.
Collectively dubbed as ‘LookOut’, one of many platform’s vulnerabilities entails a Distant Code Execution (RCE) chain that would permit an attacker to take full management of a Looker server by working their very own malicious instructions remotely, researchers at cybersecurity agency Tenable stated in a weblog put up on Thursday, February 5.
The Google-owned enterprise intelligence platform is reportedly utilized by greater than 60,000 corporations in 195 international locations. Hackers concentrating on cloud cases of Looker might probably exploit safety flaws to realize cross-tenant entry, as per the researchers. They additional stated that corporations had been weak to the whole theft of Looker’s inner administration database.
“By tricking the system into connecting to its personal ‘personal mind’ researchers used a specialised data-extraction approach to obtain delicate consumer credentials and configuration secrets and techniques,” Tenable stated.
“This degree of entry is especially harmful as a result of Looker acts as a central nervous system for company info, and a breach might permit an attacker to control information or transfer deeper into an organization’s personal inner community,” Liv Matan, Senior Analysis Engineer at Tenable, stated.
The researchers acknowledged that Google responded shortly to safe its managed cloud model of Looker after the vulnerabilities had been reported to the tech big. Nevertheless, in addition they stated that organisations internet hosting Looker on their very own personal servers or on-prem {hardware} would possibly nonetheless be weak.
“These organisations should manually apply safety patches to shut these backdoors, as they presently bear the complete burden of defending their infrastructure from potential administrative takeover,” Tenable stated.
Story continues under this advert
What’s Looker?
Looker, primarily based in Santa Cruz, California, helps corporations visualise and analyse the information they retailer within the cloud. Google agreed to purchase Looker for $2.6 billion in 2019, increasing its choices to assist clients handle information within the cloud, in line with a report by Bloomberg.
The Looker acquisition is claimed to have given Google one other software in its bigger marketing campaign to promote extra cloud storage and software program.
How can customers shield themselves?
With the intention to keep away from the potential exploitation of those vulnerabilities, Tenable researchers really helpful that directors ought to assessment their methods for particular indicators of compromise.
“First, they need to examine the file system for any surprising or unauthorised information throughout the .git/hooks/ listing of Looker venture folders, paying shut consideration to scripts named pre-push, post-commit, or applypatch-msg that will have been positioned there by an attacker,” the corporate stated.
Story continues under this advert
“Moreover, safety groups ought to look at software logs for indicators of inner connection abuse, particularly trying to find uncommon SQL errors or patterns in line with error-based SQL injection concentrating on inner Looker database connections like looker__ilooker,” it added.