Forgot your password?
typodupeerror
Google

+ - Gmail backdoor vulnerability->

Submitted by castrox
castrox (630511) writes "From the article on The Register:

The technique comes courtesy of Petko D. Petkov, a researcher at GNU Citizen, who writes in a blog post that the backdoor is installed simply by luring a victim to a specially crafted website while logged in to Gmail. The naughty site uses a slight of hand known as a multipart/form-data POST, which writes a filter to Gmail that causes all email with attachments to be forwarded to collect@evil.com.
Looks like a nasty "POST injection" from a malicious site you're visiting while logged into Gmail is all it takes to alter your Gmail settings. Apparently, Google is investigating and has no further comments at this time."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Gmail backdoor vulnerability

Comments Filter:

Kill Ugly Processor Architectures - Karl Lehenbauer

Working...