GMail has a new security flaw

That’s right folks, GMail has a massive security hole which, to the extent of my knowledge, remains unpatched. Aibek at has thoroughly explained what happened to him and to others, and if you are really curious about the details, it is definitely worth checking out.

I will, briefly and in summary, describe the situation and what you can do to play it safe(r).

What happens is that, through a crafted link or a malicious web page, an attacker can effectively turn on e-mail forwarding in your account to whichever address the attacker chooses. The settings change goes through because your browser is already logged in to GMail when it loads the link, so the request carries your session. From then on, the attacker gets a copy of all your incoming e-mail because it is forwarded to their inbox.
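As an added illustration (not code from the original post, and not Gmail's code), the following Python model shows the class of flaw the post describes: a mail-settings endpoint that changes forwarding on the strength of the session cookie alone, beside a hardened version that also requires a POST, a same-origin request and a per-session anti-forgery token. The site names, endpoint behaviour and status codes are assumptions, and the forged request is constructed. It also shows why logging out before visiting a suspicious link works: with no live session cookie, the forged request is simply rejected.

```python
"""
Toy model of the kind of flaw described above: a mail-settings endpoint that
changes forwarding on the strength of the session cookie alone, beside a
hardened version that also demands a per-session anti-forgery token and a
same-origin check. Everything here is hypothetical; none of it is Gmail's code.
"""
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

SITE_ORIGIN = "https://mail.example.test"          # hypothetical mail site
ATTACKER_ORIGIN = "https://attacker.example.test"  # hypothetical attacking site


@dataclass
class Account:
    forwarding: Optional[str] = None  # address incoming mail is forwarded to


@dataclass
class Session:
    account: Account
    # Secret bound to the session; a third-party page cannot read it.
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(16))


def set_forwarding_vulnerable(sessions: Dict[str, Session], request: dict) -> int:
    """Accepts the change whenever the cookie names a live session.
    Any page the victim loads can trigger it, because the browser attaches
    the cookie to the request on its own."""
    session = sessions.get(request.get("cookie"))
    if session is None:
        return 401
    session.account.forwarding = request["params"]["forward_to"]
    return 200


def set_forwarding_hardened(sessions: Dict[str, Session], request: dict) -> int:
    """Same change, but only via POST, from the site's own origin, and with
    the session's anti-forgery token echoed back in the body."""
    session = sessions.get(request.get("cookie"))
    if session is None:
        return 401
    if request.get("method") != "POST":
        return 405  # state changes never ride on GET (links, image tags)
    if request.get("origin") != SITE_ORIGIN:
        return 403  # request came from another site's page
    token = request["params"].get("csrf_token", "")
    if not hmac.compare_digest(token, session.csrf_token):
        return 403  # the attacker cannot know the token
    session.account.forwarding = request["params"]["forward_to"]
    return 200


def _new_victim() -> Tuple[Dict[str, Session], str, Session]:
    """A logged-in victim: one account, one session cookie."""
    session = Session(Account())
    cookie = "sid-" + secrets.token_hex(8)
    return {cookie: session}, cookie, session


def simulate_attack(handler, method: str = "GET") -> Tuple[int, Optional[str]]:
    """The victim, still logged in, loads the attacker's link or page.
    Constructed forged request: the attacker chooses the parameters and the
    Origin is the attacker's page, but the browser supplies the cookie.
    Returns (status code, forwarding address afterwards)."""
    sessions, cookie, session = _new_victim()
    forged = {
        "method": method,
        "cookie": cookie,
        "origin": ATTACKER_ORIGIN,
        "params": {"forward_to": "attacker@example.test"},  # no token: unknown to attacker
    }
    return handler(sessions, forged), session.account.forwarding


def simulate_legitimate_change(handler) -> Tuple[int, Optional[str]]:
    """The account owner changes forwarding from the real settings page,
    which carries the token the server issued to this session."""
    sessions, cookie, session = _new_victim()
    request = {
        "method": "POST",
        "cookie": cookie,
        "origin": SITE_ORIGIN,
        "params": {"forward_to": "me@example.test", "csrf_token": session.csrf_token},
    }
    return handler(sessions, request), session.account.forwarding


if __name__ == "__main__":
    print("vulnerable, forged GET:", simulate_attack(set_forwarding_vulnerable))
    print("hardened, forged GET:  ", simulate_attack(set_forwarding_hardened))
    print("hardened, forged POST: ", simulate_attack(set_forwarding_hardened, "POST"))
    print("hardened, legitimate:  ", simulate_legitimate_change(set_forwarding_hardened))
```

Run as is: the vulnerable handler answers 200 and the victim's forwarding now points at the attacker's address, while the hardened handler rejects the forged GET (405) and the forged POST (403) yet still accepts the owner's own change made from the real settings page.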

In Aibek’s case, the attacker managed to get hold of the e-mail that contained the password for his domain registrar account. The attacker then transferred the domain to another registrar and started to blackmail Aibek, demanding $2000 for the domain that Aibek originally owned.

This is a very serious situation, and it may be just the tip of the iceberg; a lot of malicious actions can be conducted this way. The first thing you should do right now if you own a GMail account is to check under Settings -> “Forwarding and POP/IMAP” whether forwarding is set to some unknown address, and look through your filters for any rule that forwards mail. If you find one, disable it and then change all your passwords, starting with the accounts (registrars, banks, other mail providers) whose password-reset e-mails land in that inbox. Be especially alarmed if you have received e-mails from password recovery systems that you did not ask for in the first place: that suggests someone has been triggering resets and reading the replies.

The next tip is to never open links in e-mails that you do not totally trust. If you must open the link anyway, do not click it: copy the link, log out of your GMail account, and then visit it. Logged out, your browser sends no GMail session with the request, so the link cannot change your settings. When you are done, log back in and you should be safe.

It is not yet known whether this flaw affects Google Apps accounts as well. As a wild guess I would say it does, but the attack would have to be customized to target a specific domain belonging to Google Apps, so everyone, be wary.