New Year New Buzz
Happy New Year to one and all. Here’s a new year news… Gmail has been hacked!!!
At least that’s what I heard. But when I did a little research, it’s actually more of a mailer security flaw and cracker-victim issue. The cracker-slash-criminal who knows how to tweak someone else’s settings by trespassing into your gmail account, and a victim who is innocent of what is being stolen from him. A true to life invasion of privacy! Once your email account is accessed, the cracker can manipulate the settings and all your emails, be it personal or business will be routed to the criminals’ hands.
How does it works? A victim visits a webpage while being logged into his GMail account. Not realizing he’s visiting a bad page, the page does a multipart/form-data POST to one of the GMail interfaces and sets a filter into the victim’s filter list. The attacker writes a filter, like a message rule or something, which simply looks for emails with attachments and forwards them to an email of their choice - their email.. tsk tsk. This filter/query will automatically transfer all emails matching the rule. Of course, future emails will be forwarded as well. The attack will remain present for as long as the victim has the filter within their filter list, even if the initial vulnerability, which was the cause of the injection, is fixed by Google.
That’s it. I highly suggest that you do not use free emails for important mails like domain access, online banking information, and even community accounts like friendster or myspace. I need not enumerate what a cracker could do to you… they’ve got cracked minds.
May this year be a cracked free year for you! ^_^
