Quantcast
RELATED ARTICLES
News

Gmail Vulnerability Could Let Hackers Redirect Your Email

Posted 11/24/08 at 03:36:04 PM |  by Andy Salisbury

comment Commentsprint Printemail EmailDeliciousDiggStumbleUponRedditSlashdot

If you’re a Gmail user and you’ve got a domain that’s registered through GoDaddy, you’ve been put in danger – from yourself.

A new security flaw in Gmail has caused a new exploit to run wild. The exploit essentially makes you to create a filter all on your own, allowing unwanted eyes to get access of your Gmail account.

In a nutshell, the exploit steals a cookie from you. Once this cookie has been swiped some malicious code creates a hidden iframe with a url that contains the variables required for Gmail to create a filter for your account. Once this is done, the hacker has free reign over your personal emails and whatever else you might associate with your Gmail account.

While this is clearly the shorthand version, be sure to check out the full rundown. If you’re one of the many that uses both Gmail and GoDaddy, we’d suggest that you take some time to check it out.

 

Image Credit: Google, GoDaddy.com

COMMENTS:
3
TAGS: 
Gmail, Google, exploit, vulnerability, hack
comment Commentsprint Printemail EmailDeliciousDiggStumbleUponRedditSlashdot
COMMENTS
avatarIs this just a new

Submitted by metric_inch on Tue, 2008-11-25 07:42

Is this just a new application of the cookie hijacking that has already been disclosed?
Go into your Gmail settings -> General Tab. Look for Browser connection and check Always use HTTPS

If your extra paranoid, get Firefox and NoScript.
NoScript can set cookies to be secure only. That means the cookie will only be sent over a secure (https) connection.
For someone to steal my GMAIL_AT cookie, they need to be using a ssl site.

Login or register to post comments
avatarOh noes, gmail is stealing

Submitted by pistola on Mon, 2008-11-24 15:46

Oh noes, gmail is stealing mai cookiez!

Login or register to post comments
avatarWhy do you people do that....

Submitted by Chocolate on Mon, 2008-11-24 16:18

really? Do you really think its funny. Whatever. Its the internet.

Login or register to post comments
RESOURCE CENTER

THIS MONTH's ISSUE
Maximum PC
FEATURE 21 Instant PC UpgradesBUYER'S GUIDE Budget videocards: which pass, which fail?HOW TOSupercharge Firefox & Maximize your SSDFEATURE3 trends that will save PC Gaming WHITE PAPERSurge supression
SUBSCRIBE NOW & SAVE 86%!

Don't have an account? Register Now! Forgot password?