Google Gmail hijacking

Posted Sep 26th 2007 12:00PM by Chris Gilmer
Filed under: Business, Developer, Internet, Security, Web services, Google, Search, web 2.0

Your open Gmail account could be in severe jeopardy, thanks to a malicious script that initiates itself when a website is viewed,

The tables have turned from hacking your computer, to hacking your virtually stored information. Supposedly hackers are not seeing the benefits of attacking your protected and firewalled computer these days, and are much happier to go after hacking Web 2.0 API's. Such is the case in a recent exposure of a critical process that executes a filter looking for specific incoming emails, sending them to another email address for snooping and prying. The filter would be in place until the Gmail account owner deletes it from the Settings>Filter menu.

Gnucitizen broke the news on this, and it has been verified by a few sources. He is not planning on demonstrating this process, or releasing more details on findings until Google has fixed this concern. He is also urging that others do not expose anything until they have notified Google and a fix is implemented. But does say that the hacks are out in the open for anyone searching Yahoo or Google.

Tags: api, email, filter, gmail, gmail-hijack, google, hack, hacker, malicious, web2, web2.0, yahoo

• Read
• Permalink
• Email this
• Share
• Comments [1]

Related Headlines

• Googleholic for August 15, 2008 (23 days ago - 2 Comments)
• Does software piracy hurt the open source community? (39 days ago - 24 Comments)
• Googleholic for August 1, 2008 (37 days ago - 1 Comment)
• Google Chrome - Google's new browser - First Look (5 days ago - 36 Comments)
• Download Squad goes Chrome-crazy (6 days ago - 22 Comments)

Reader Comments (Page 1 of 1)

1

9-26-2007 @ 1:11PM

kingkool68 said...

Issue has been fixed but here is how he did it -> http://blog.beford.org/?p=3

Reply

Download Squad Features

View Posts By

Categories

Audio (857)

Beta (345)

Blogging (705)

Browsers (65)

Business (1379)

Design (827)

Developer (939)

E-mail (521)

Finance (128)

Fun (1779)

Games (563)

Internet (4908)

Kids (135)

Office (499)

OS Updates (582)

P2P (182)

Photo (471)

Podcasting (168)

Productivity (1350)

Search (271)

Security (548)

Social Software (1136)

Text (440)

Troubleshooting (52)

Utilities (1995)

Video (1036)

VoIP (140)

web 2.0 (802)

Web services (3382)

Companies

Adobe (188)

AOL (51)

Apache Foundation (1)

Apple (477)

Canonical (35)

Google (1334)

IBM (30)

Microsoft (1323)

Mozilla (475)

Novell (20)

OpenOffice.org (43)

PalmSource (12)

Red Hat (17)

Symantec (14)

Yahoo! (356)

License

Commercial (681)

Shareware (195)

Freeware (2049)

Open Source (925)

Misc

Podcasts (14)

Features (392)

Hardware (167)

News (1129)

Holiday Gift Guide (15)

Platforms

Windows (3694)

Windows Mobile (429)

BlackBerry (45)

Macintosh (2102)

iPhone (104)

Linux (1605)

Unix (78)

Palm (177)

Symbian (123)

Columns

Ask DLS (11)

Analysis (33)

Browser Tips (297)

DLS Podcast (6)

Googleholic (202)

How-Tos (103)

DLS Interviews (19)

Design Tips (15)

Mobile Minute (133)

Mods (68)

Time-Wasters (392)

Weekend Review (40)

Imaging Tips (32)

RESOURCES

• Send us news tips
• Contact Us
• Advertise
• Corrections?
• Problems?

RSS NEWSFEEDS

• 
• Feeds by category

Sponsored Links

Advertise with Download Squad

Most Commented On (60 days)

• Google Chrome First Impression: Is It What You Expected? (94)
• 35 Places To Download Free, Legal MP3s - Sorry, RIAA! (86)
• Google Chrome: Is Google planning to release a web browser? (39)
• Google Chrome - Google's new browser - First Look (36)
• 5 Apps For Painless Windows Reformats (36)
• Bill Gates, Jerry Seinfeld ad airs - Apple has nothing to worry about (33)
• 24 Killer Portable Apps For Your USB Flash Drive (33)
• Download Squad goes Chrome-crazy (22)
• Chrome meta-liveblog (15)
• Features Chrome has and your browser doesn't (15)

Recent Comments

• IanT on 5 Free Apps to Clone Your Hard Drive
• Visa on Yahoo! Mail Beta open to the public
• visa on Yahoo! Mail Beta open to the public
• Zachary on 4 "SpeedDial" Options for Firefox
• garconcn on 4 "SpeedDial" Options for Firefox
• Fred Thompson on 5 Free Apps to Clone Your Hard Drive
• Fred Thompson on 5 Free Apps to Clone Your Hard Drive
• Dred242 on Joost to kill desktop client, provide browser-based video player?
• linuxeventually on 5 Free Apps to Clone Your Hard Drive
• RayBender_NYC on Ubuntu founder Mark Shuttleworth: We can surpass Apple in two years

Urlesque Headlines

• Wide Wurld of Urlesque: Bears, Buses and (Snow) Beards
• Today's Cry: Turtle + Frog + Spider + Storms = OMG
• Women Defending Cocktails to the Death
• Eerie! Or Beautiful? Singing to Plants
• Germany Builds a House Upside Down

BloggingStocks Tech Coverage

• AAPL Apple Inc
• ADBE Adobe Systems
• AKAM Akamai Technologies
• AMZN Amazon
• CSCO Cisco Systems
• DELL Dell
• EBAY eBay
• GOOG Google
• INTC Intel
• INTU Intuit Inc
• JAVA Sun Microsystems
• MOT Motorola
• MSFT Microsoft
• NOK Nokia Corp
• ORCL Oracle Corp
• PALM Palm Inc
• RHT Red Hat Inc
• RIMM Research in Motion
• SYMC Symantec Corp
• TWX AOL Time Warner
• YHOO Yahoo!

More Tech Coverage

• Control Shift It's all about the experience
• Somewhat Frank Perspectives on tech as it fuses in everyday life
• Switched Gadgets, web news and commentary
• Urlesque Exposing bits of the web

All contents copyright © 2003-2008, Weblogs, Inc. All rights reserved

Download Squad is a member of the Weblogs, Inc. Network. Privacy Policy, Terms of Service, Notify AOL