Wednesday, 26 November 2008

Potential flaw in Gmail can get it hacked...

Sponsored Links
Find high paying job. It's quick! It's Free!!Earn some quick money by spending just 5 minutes!!
All those Gmail fans out there, here's an important piece of security news for you. A blogger, Brandon Partridge, on Geek Condition has reported that a security vulnerability in Gmail may allow an attacker to hack into Gmail users accounts. Read on to find what it does and how it works...

According to the blog, the security vulnerability may allow an attacker to set up filters on users' email accounts without their knowledge. Web developer Partridge warned that an attacker can force unsuspecting Gmail users to create malicious message filter without their knowledge. Through this, the attacker can hijack messages sent to the victim's Gmail account by redirecting specific messages into the trash and forwarding a copy to the attacker, or so Partridge claims.

In the post on Geek Condition Brandon writes that the vulnerability has caused many people to lose their domain names registered through GoDaddy is one of the largest domain name registrar and is the flagship company of The Go Daddy Group Inc. The security flaw in Gmail allows a hacker to forward GoDaddy account reset information by the victim without his/her knowledge or consent. This is done by creating a filter that forwards GoDaddy's `change of password' mail to the hacker and deletes it from users' inbox.

Wondering is it possible to create a malicious filter without having access to a user's Gmail username and password? No, it is not. However, hackers can force users to create the filter without their knowledge. When a user creates a filter in Gmail account, a request is sent to Google servers to get it cleared. The request is in form of a URL with many variables that the browser doesn't display. However, web browser FireFox and a plugin called Live HTTP Headers, displays exactly what variables are sent to Google servers. Through a process of elimination, the role of each variable can be ascertained. A particular variable is equivalent to the username which is permanent. Other variable can be determined by tricking the user to visit a web page that has a malicious code. This malicious code steals the cookie from the user and creates an iframe with a URL containing the variables that authorise Gmail to create filter for the user's account.

I also didn't believe it. Check out the complete analysis by
Indiatimes Infotech. In order to prevent hackers to exploit this loophole, frequently monitor your filters. In case you find something suspicious, report it immediately.

Please note that this article is not my own opinion; it is just republishing someone else's findings.
So I would not be responsible if this hurts someone's sentiments.

Do not miss even a single tech update... Subscribe to RSS feeds now!

No comments: