06 Jan, 2008

GMail cracked

Today I stumbled on this very scary story. In short, David Airey's domain was stolen by a cracker who used a "multipart/form-data POST to one of the GMail interfaces and injects a filter into the victim’s filter list". Then the evil hacker requested $650 to return the domain to David.

How does this crack work? In short, you log in to your GMail account, then while logged in to GMail you visit some evil site that has malicious code on it, and that code injects a new filter rule into your GMail settings. More detail here.

GMail fixed this security hole, but if your account is already hacked this will not help you. To be sure, log in to your GMail account and go to Settings -> Filters; if you see a strange filter rule with an email address you do not recognize, delete that filter rule immediately.

In the end David was lucky: he managed to get the stolen domain back without paying the cracker.
