GMail Flaw Leaves Your Email Open To Anyone
A new GMail exploit has been revealed that will essentially let malicious attackers keep tabs on the victim’s emails. The attack uses a cross-site request forgery (CSRF) to create a backdoor that can be used by an attacker to read the victim’s email.
Petko Petkov, of PDF exploit fame, has demonstrated the GMail bug for ZDNet to prove it works. The exploit does not require any user action, and unsuspecting users may already be victims.
The victim visits a page while being logged into GMail. Upon execution, the page performs a multipart/form-data POST to one of the GMail interfaces and injects a filter into the victim’s filter list. In the example above, the attacker writes a filter, which simply looks for emails with attachments and forwards them to an email of their choice. This filter will automatically transfer all emails matching the rule. Keep in mind that future emails will be forwarded as well. The attack will remain present for as long as the victim has the filter within their filter list, even if the initial vulnerability, which was the cause of the injection, is fixed by Google.
Even if Google patches the flaw, affected users will still have to manually remove the filter to stop the attack.
For all of you using GMail, check your filters and make sure they’re all yours.
This entry was posted on Thursday, September 27th, 2007 and is filed under Internet News.

September 27th, 2007 00:58
checked filters, thankfully I have not been exploited…well at least not yet
September 27th, 2007 01:37
I still find it scary that when you close Firefox and/or IE, that GMail isn’t automatically logged out. Google still has a long way to go with it. Let’s hope the rumored upcoming ‘new’ version changes a lot of these problems.
September 27th, 2007 01:44
@Jamaipanese:
Good to hear you haven’t been exploited buddy
@TimmyJ:
I forgot about that. I hope they change their session management in the next version.
September 27th, 2007 03:19
That’s pretty scary…I feel vulnerable.
September 27th, 2007 03:25
Yeh I recently read about this flaw and it haunts me as I am an all-go Gmail user
Plus a guy recently discovered a way to hijack Gmail and published on his blog making it available to thousands of potential hackers out there
Oh My God I forgot Gmail is Beta. Why the hell am I even using it
September 27th, 2007 03:56
beta..omg..I forgot about that as well!
September 27th, 2007 04:09
@Susan:
I know how you feel
@Dj:
It is still in beta I forgot hehehehe
@Jamaipanese:
me too buddy haha
September 27th, 2007 04:12
Man that is just scary!
September 27th, 2007 04:46
@Thomas:
My first reaction was “oh crap”
September 27th, 2007 05:23
Me, too! Haha. “Oh, crap.” Checked filters. Thanks for this.
September 27th, 2007 05:38
That is seriously scary, thankfully I only have hotmail.
September 27th, 2007 06:12
@Lisa:

Now I’m paranoid .. I keep checking my filters
@Christy:
I think this is karma for all the times I said hotmail wasn’t good
September 27th, 2007 12:44
This is really scary stuff for Gmail users. I use gmail with Google apps. Let me see if I have any filters created.
September 27th, 2007 12:56
@Nirmal:
That’s what I keep doing hehe
September 27th, 2007 13:44
Now is this the reason Google name their products as Beta

September 27th, 2007 13:46
Hey buddy, I noticed one of my filters said, “4ward2_bbaron”. You know anything about that?
September 27th, 2007 13:52
@Shankar:

You’re absolutely right buddy
@Mark:
Erm .. must have been the “Blue Baron” yeah
September 27th, 2007 18:04
Wow, thank you Brown Baron! Another great reason to make sure I never miss a single post from you. I have really come to depend on your ability to help fellow bloggers with important information. I checked my filters and currently, I have none. Does this mean I am in the clear?
September 27th, 2007 21:00
Thanks!
I only use mine for Adsense but I’m going to check it out now.
September 27th, 2007 22:04
Aw man… I think I got popped with this. Checking my filters, I found one that I never did anything with prior, and removed it. I sincerely hope nothing malicious has happened…
Thanks for this. Is Google ever planning on letting people know let alone what they plan to do?
September 27th, 2007 23:20
@Bobby:

Haha you’re in the clear
@Opal:
I think I check twice a day now lol.
@Seiche:
Google will issue a statement once it’s fixed. My guess is that they would have stayed quiet while trying to patch it, but the exploit was published so they have to acknowledge it sooner or later hehe.
September 28th, 2007 04:19
I don’t use Gmail but thank you for the heads up. There was just a warning released for Aol too.
September 28th, 2007 06:14
@Rose:
For AOL too? We got too many exploits floating around heh.