This is a public-interest archive. Personal data is pseudonymized and retained under
GDPR Article 89.
Re: Gmail security issue
On 12/27/07 11:59 AM, "frielster@aol.com" <frielster@aol.com> wrote:
>
> My fellow Luddites: Would everyone here who, like me, has NO IDEA what Doug et
> al are talking about please raise your hands? Thought so.
> Doug, can you dumb this down enough for the tech-challenged among us to
> understand? Hope so.
Let me try although I claim less technical expertise than others on this
list. If you own a URL (a website address) then that address is quite
portable. The URL and where you host it are two entirely different
entities.
Transferring ownership or hosting of a URL is as simple as knowing the right
passwords and asking to have a URL transferred to either a different hosting
network or to another company (as in selling it). So transferring a URL is
pretty simple stuff *if* you have the passwords.
So. How to get the password? In very simple terms, by computer legerdemain
(black hat or bad guy stuff) you go to a site with a contact form on it.
You send that form an email with half a virus/software script in it. In
other words, your email account is sent an email virus that accepts
directions from another email. The second email is sent to complete the
virus and the virus/software goes to work.
(sidebar) In this case, the cracker used a security breach in gmail to allow
this to happen. The security breach is through the use of filters - simply
check your filter setting in gmail. If there's one there you didn't install
- delete it immediately. If there's nothing there, you're safe as this
problem has been addressed by Gmail.
(Back to our story) The cracker used the now-completed virus/software to
forward any email in the cracked gmail account to his own account. Your
email is simply sent to another address via a forwarding system in the
filters area. The filter can send all email or simply email with special
terms, like "send all email containing the word "password"."
He can then go to any "get new password" setting on an isp/website and say
"forgot my password". (Ever forgot your password to a site and have had it
sent to you?) The password reset will be sent to the gmail account but is
automatically forwarded (by the virus/software) to the crackers account. He
now has access to the website URL because he has the password.
This makes it very easy to simply transfer ownership of the URL to himself
and hosting anywhere else. And then he "locks" the domain so it can't be
transferred without the new password (that the previous owner doesn't have.)
And doesn't know has been transferred because he/she didn't get the email -
remember it was forwarded to the bad guy.
Your website disappears out of your control - the adsense ad account is
replace by the crackers and your traffic is now making money for that
cracker.
Or that person can blackmail you to have your URL returned to you. Or
whatever - because that person now has your URL and there's nothing you can
do about it (other than steal it back or go to court at some level)
Hope that clears it up. I know a bunch of folks have gmail and use it for
all their business stuff. Simply go to the settings>filters section - if
there are no filters installed, forget this warning. If there are filters
installed you didn't set - then delete them immmediately.
This kind of stuff goes on all over the place. I had a blog hacked once to
make it look like I was referring a link to someplace I had never heard of.
Couldn't get rid of it on the page it was on even if I rebuilt the page.
Turn out it was hacked into the htaccess file at the server level.
But simply check your gmail account if you have a website.
Hope that elucidates the muddification.
Doug
Ps JF. - Snowing like mad here at the moment so we can't see the far shore
- we can barely see our own shore 50 feet away. Water levels on lake are
quite low so this is all to the good. Got a 'new" old wooden sailboat - a 12
footer - this fall so another one joins the navy after restoration. You'll
have to see the dock at the new house - even admits kayaks.
_______________________________________________
gardenwriters mailing list
gardenwriters@lists.ibiblio.org
http://lists.ibiblio.org/mailman/listinfo/gardenwriters
GWL has searchable archives at:
http://www.hort.net/lists/gardenwriters
Send photos for GWL to gwlphotos@hort.net to be posted
at: http://www.hort.net/lists/gwlphotos
Post gardening questions/threads to
"Gardenwriters on Gardening" <gwl-g@lists.ibiblio.org>
For GWL website and Wiki, go to
http://www.ibiblio.org/gardenwriters
Other Mailing lists |
Author Index |
Date Index |
Subject Index |
Thread Index
