  1. #1
    Join Date
    Nov 2002
    Posts
    4,376

    * Warning: Log Out of Gmail before visiting other sites

    Gmail hack - do not visit other websites while logged into Gmail
    Victim lost his domain name.

    (sites currently under Digg effect)

    http://www.davidairey.co.uk/google-g...curity-hijack/

    http://www.gnucitizen.org/blog/googl...ack-technique/

    The victim visits a page while being logged into GMail. Upon execution, the page performs a multipart/form-data POST to one of the GMail interfaces and injects a filter into the victim’s filter list. In the example above, the attacker writes a filter, which simply looks for emails with attachments and forwards them to an email of their choice. This filter will automatically transfer all emails matching the rule. Keep in mind that future emails will be forwarded as well. The attack will remain present for as long as the victim has the filter within their filter list, even if the initial vulnerability, which was the cause of the injection, is fixed by Google.

    Check your Gmail account settings... Here’s what to do:
    When logged into GMail, click on the ‘settings’ tab in the upper right of the screen. Then check both the ‘Filters’ and the ‘Forwarding and POP’ sections.
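
The persistence point in the post above, as an added example that is not part of the original thread or of Gmail's code: a toy webmail backend (the `MailApp` class, its form fields and the addresses are all constructed for illustration) in which a cookie-only filter endpoint accepts a cross-site POST, a later per-session token check rejects it, and the filter injected earlier is still there until an audit of the filter list finds it.

```python
import hmac
import secrets

class MailApp:
    """Toy webmail backend (constructed; not Gmail's code or API)."""
    def __init__(self, csrf_required):
        self.csrf_required = csrf_required
        self.sessions = {}   # session cookie -> {"user": ..., "csrf": ...}
        self.filters = {}    # user -> list of stored filter dicts

    def login(self, user):
        cookie = secrets.token_hex(16)
        self.sessions[cookie] = {"user": user, "csrf": secrets.token_hex(16)}
        self.filters.setdefault(user, [])
        return cookie

    def csrf_token(self, cookie):
        # Embedded only in pages the app itself serves; another site cannot read it.
        return self.sessions[cookie]["csrf"]

    def create_filter(self, cookie, form):
        """State-changing POST. The browser attaches the session cookie to any
        request for this site, including one triggered by a third-party page."""
        sess = self.sessions.get(cookie)
        if sess is None:
            return 401
        if self.csrf_required and not hmac.compare_digest(form.get("csrf", ""), sess["csrf"]):
            return 403
        self.filters[sess["user"]].append(
            {"has_attachment": form.get("has_attachment") == "true",
             "forward_to": form.get("forward_to")})
        return 200

def suspicious_filters(filters, own_addresses):
    """Audit step from the post: list filters that forward mail elsewhere."""
    return [f for f in filters
            if f.get("forward_to") and f["forward_to"] not in own_addresses]

def demo():
    user = "victim@example.com"                      # constructed sample data
    forged = {"has_attachment": "true", "forward_to": "collector@example.net"}
    app = MailApp(csrf_required=False)
    cookie = app.login(user)
    status_before = app.create_filter(cookie, forged)    # cookie alone is enough
    app.csrf_required = True                             # server-side fix deployed
    status_after = app.create_filter(cookie, forged)     # same request now refused
    legit = dict(forged, forward_to=user, csrf=app.csrf_token(cookie))
    status_legit = app.create_filter(cookie, legit)      # the app's own form still works
    flagged = suspicious_filters(app.filters[user], {user})
    return status_before, status_after, status_legit, flagged
```

The fix changes which requests are accepted, not what is already stored, which is why checking the ‘Filters’ and ‘Forwarding and POP’ sections is still needed after the vendor patch.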

  2. #2
    Join Date
    Aug 2003
    Location
    St. Louis, Missouri
    Posts
    1,814
    Phew, no filters here.

    Although I don't think many passwords would be stored in an e-mail anyways.

  3. #3
    Join Date
    Jan 2007
    Location
    UK.
    Posts
    1,097
    I don't know how people have the guts to do that to someone. I couldn't ever do that!

  4. #4
    Join Date
    Apr 2004
    Location
    Singapore
    Posts
    1,506
    This is so scary man
    tanfwc

  5. #5
    Join Date
    Aug 2002
    Posts
    1,596
    No, no filter was found in my gmail. I will be sure to sign out of gmail before viewing other websites. I will be changing the e-mail address in my reseller account. When I forget my password, my reseller account sends the password to my gmail.

  6. #6
    Going with the big boy is good but it does attract a lot of attention (hacking).


  7. #7
    Join Date
    Oct 2002
    Location
    Under Your Skin
    Posts
    5,875
    Guess that is why gmail is still beta.

    I found this on another forum, and checked my filters... about the only thought I had was having one email for everything... but then, I'd never use gmail for anything serious like my domains anyway. Best to go with a paid account... something proven... stable... and not with a bunch of holes so they can easily advertise to you.

  8. #8
    Join Date
    Aug 2005
    Posts
    543
    Even those using google talk should take care of talking anything against google.

  9. #9
    Join Date
    Oct 2007
    Posts
    1,902
    This is very interesting. I have a gmail account at home and never log out from it. Interesting: do gmail developers know about such problems?

  10. #10
    Join Date
    Oct 2002
    Location
    Under Your Skin
    Posts
    5,875
    Quote Originally Posted by ~ServerPoint~ View Post
    This is very interesting. I have a gmail account at home and never log out from it. Interesting: do gmail developers know about such problems?
    From what I've read, it's been reported on for at least three months.

  11. #11
    No filters.

    I always log out of google anyway, and my gmail passwords have nothing to do with my other passwords.

  12. #12
    Join Date
    Oct 2002
    Location
    Under Your Skin
    Posts
    5,875
    Quote Originally Posted by ~ServerPoint~ View Post
    This is very interesting. I have a gmail account at home and never log out from it. Interesting: do gmail developers know about such problems?
    http://www.gnucitizen.org/blog/googl...ack-technique/

    Now I'm confused... the site above posted the first info about the exploit that David posted on his blog (his reference).

    Gnucitizen's been down most of the night, but when I finally got on a while ago, they claim Google fixed this issue in Sep '07.

    I don't understand what David is talking about now.... if it is fixed, is David saying it is not fixed? I'm starting to think he left himself logged in on some cafe computer someplace... lol...

    If not fixed, and reported as fixed, this info needs to get out there... but if it is fixed, there is something else going on with his account.

  13. #13
    Join Date
    Jul 2004
    Posts
    63
    Maybe I should purposely give them my old gmail account which receives 1000+ spam emails daily.

  14. #14
    Join Date
    Jun 2001
    Location
    Gotham City
    Posts
    1,849
    Yay for inhouse mail

  15. #15
    Join Date
    Aug 2003
    Location
    Twin Cities Area
    Posts
    5,651
    I read through that entire blog page. What an IDIOT! The guy is so determined to stick with his "principles" that he is going to lose a name that supposedly has high SEO and traffic? I'm not buying it.

    Very bad business sense (as others in the blog posted as well).

    What happened is a criminal matter, yet with all his whining and complaining I didn't read that he took any legal action against the supposed "hacker".

    I think the guy found a way to get money and get traffic by doing this.

    No one is talking about the gmail issue, or concentrating on the ISP/host issue.

    I'm starting to think this whole thing is a HOAX!

    If you go to the whois http://whois.domaintools.com/davidairey.com you'll see that the contact info has his CURRENT email address, which is all you need to transfer your name...
    Last edited by Project X; 12-27-2007 at 09:04 AM.

  16. #16
    Join Date
    Mar 2002
    Location
    UK
    Posts
    1,262
    It happens and a lot more frequently than might be imagined - failure to guard Admin email addresses, letting an important domain drop when it is used as an important contact base etc, etc.
    Generally speaking the police aren't interested in helping (much like most other crimes in the UK!) and legal action can be very costly without necessarily producing a satisfactory result or a cost-effective one.

  17. #17
    Join Date
    Jan 2003
    Location
    Orlando FL
    Posts
    1,342
    Quote Originally Posted by Somerset Internet View Post
    I'm starting to think this whole thing is a HOAX!

    If you go to the whois http://whois.domaintools.com/davidairey.com you'll see that the contact info has his CURRENT email address, which is all you need to transfer your name...
    Not sure what is going on, but his domain is redirecting to his blog http://www.davidairey.com -> http://www.davidairey.co.uk/

    Maybe he gave it a thought and purchased the domain back?

    Very weird.


    Someone said above that the problem was fixed by Google. Yes, it has; however, if you had the filter installed before Google fixed it, the emails will still be forwarded to the address the hacker programs. So it's possible that he had the filter installed long before the domain actually got transferred. Keep in mind domain transferring is not done instantly; it takes a few days.
    Jorge Campos | WBpro
