Gmail reveals secrets to hackers

By
Follow google news

People sending emails to Gmail accounts may find they reveal more than they bargained for. A bug within Google mail service allows hackers to reveal details of other users’ personal emails, and even their account passwords.

UNIX firm HBX Networks stumbled across the flaw whilst working on a "hacker-friendly" shell service. In altering the "From" part of the address bar technicians for HBX found that HTML code was revealed within the "Reply-to" field.


"The result is a compromise of the privacy of communications over Gmail," said an HBX spokesman on its website. "Many people rely on Gmail heavily, and many users are forced to communicate with Gmail users because of this resilience."

A lot of the information revealed by the flaw is spam, but there are notable exceptions. One example, detailed in HBX's report, highlights an account password.

"We are aware of the problem and we are looking into it," said a Google spokeswoman.

Late last month virus writers created a the Santy worm that used Google's powerful search engine to search for vulnerable websites. Earlier in December SC reported on how Google's desktop search engine could create security problems for customers using SSL VPNs.

dump.hbx.us/gmail_bug

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
gmailhackersrevealssecretssecurityto

Sponsored Whitepapers

Agile in the AI Era: why projects still fail
Agile in the AI Era: why projects still fail
When Technology Becomes the Blocker: Unlocking Real Outcomes from AI and Cloud
When Technology Becomes the Blocker: Unlocking Real Outcomes from AI and Cloud
High-volume data sources for AI-driven security analytics
High-volume data sources for AI-driven security analytics
How healthcare organisations can get more value from cloud
How healthcare organisations can get more value from cloud
1 in 3 companies lose SaaS data. Here’s how to prevent it
1 in 3 companies lose SaaS data. Here’s how to prevent it

Events

Most Read Articles

Anthropic opens Claude Mythos Preview AI program to Australia

Anthropic opens Claude Mythos Preview AI program to Australia
Defence says Palantir is "sandboxed" in its environment

Defence says Palantir is "sandboxed" in its environment
Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
Microsoft backs down on legal threats against 0day disclosing researchers

Microsoft backs down on legal threats against 0day disclosing researchers
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?