Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Google

Submission + - Gmail backdoor vulnerability (theregister.co.uk)

castrox writes: From the article on The Register:

The technique comes courtesy of Petko D. Petkov, a researcher at GNU Citizen, who writes in a blog post that the backdoor is installed simply by luring a victim to a specially crafted website while logged in to Gmail. The naughty site uses a slight of hand known as a multipart/form-data POST, which writes a filter to Gmail that causes all email with attachments to be forwarded to collect@evil.com.
Looks like a nasty "POST injection" from a malicious site you're visiting while logged into Gmail is all it takes to alter your Gmail settings. Apparently, Google is investigating and has no further comments at this time.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Gmail backdoor vulnerability

Comments Filter:

You know you've landed gear-up when it takes full power to taxi.

Working...