RELATED ARTICLES
News

Gmail Vulnerability Could Let Hackers Redirect Your Email

Posted 11/24/08 at 03:36:04 PM |  by Andy Salisbury

comment Commentsprint Printemail EmailDeliciousDiggStumbleUponReddit

If you’re a Gmail user and you’ve got a domain that’s registered through GoDaddy, you’ve been put in danger – from yourself.

A new security flaw in Gmail has caused a new exploit to run wild. The exploit essentially makes you to create a filter all on your own, allowing unwanted eyes to get access of your Gmail account.

In a nutshell, the exploit steals a cookie from you. Once this cookie has been swiped some malicious code creates a hidden iframe with a url that contains the variables required for Gmail to create a filter for your account. Once this is done, the hacker has free reign over your personal emails and whatever else you might associate with your Gmail account.

While this is clearly the shorthand version, be sure to check out the full rundown. If you’re one of the many that uses both Gmail and GoDaddy, we’d suggest that you take some time to check it out.

 

Image Credit: Google, GoDaddy.com

COMMENTS:
3
TAGS: 
Gmail, Google, exploit, vulnerability, hack
comment Commentsprint Printemail EmailDeliciousDiggStumbleUponReddit
COMMENTS
avatarIs this just a new

Submitted by metric_inch on Tue, 2008-11-25 07:42

Is this just a new application of the cookie hijacking that has already been disclosed?
Go into your Gmail settings -> General Tab. Look for Browser connection and check Always use HTTPS

If your extra paranoid, get Firefox and NoScript.
NoScript can set cookies to be secure only. That means the cookie will only be sent over a secure (https) connection.
For someone to steal my GMAIL_AT cookie, they need to be using a ssl site.

Login or register to post comments
avatarOh noes, gmail is stealing

Submitted by pistola on Mon, 2008-11-24 15:46

Oh noes, gmail is stealing mai cookiez!

Login or register to post comments
avatarWhy do you people do that....

Submitted by Chocolate on Mon, 2008-11-24 16:18

really? Do you really think its funny. Whatever. Its the internet.

Login or register to post comments
RESOURCE CENTER

KICK ASS OFFERS

THIS MONTH's ISSUE
Maximum PC
FEATURE Awesome Upgrades: The best PC upgrades in every price range.HOW TO Connect your PC to your surround-sound audio systemProtect Your PC We put 10 of the most popular antivirus programs to the test to see which will protect you best. Android Revealed Find out how the Google-powered HTC G1 stacks up against its rivals.
Get your free trial issue

Don't have an account? Register Now! Forgot password?