Gmail vulnerable to backdoors

Surprisingly, the internet giant Google faces its own internet security problems: as revealed by a recent discovery, Gmail is no longer the impenetrable fortress of safe emailing as it seemed to be for so long. According to PC Pro magazine, the new threat uses the new "cross-site request forgery" exploit to create a backdoor in Google’s email service. Evidently, one visit to an infected site while logged into a Gmail account may be enough to compromise the system.

Attackers could then use a multipart/form-data POST to create a mail filter and forward email matching certain criteria to an external email address, thus effectively disabling Google’s mail filter.  Although this vulnerability has not yet been made publicly available, Petko D. Petkov, who is the person responsible for this discovery, has informed of its existence.

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *