Gmail Hacking on Flash Exploit [China]
Recently there are several news of Gmail hacks spreading out ,that was orginated in China[based on technews] .Althought Google employs several new security measures to overcome it security flaws in Gmail, hackers exploits it through amazing code techniques.Now a video in Youtube shows a totally different approach in hacking on to your Gmail Settings.i.e with the help of a Flash file that exploits vulnerability in Adobe Flash.This specific video demonstrates how could a specially creafted Flash file can inject a spying Forward address into Your Gmail settings.We have heard of several phishing and related techniques on Gmail hacking , but this new technique reveals it’s so easy to hack Gmail settings.Basically with this method, the hacker can read all your emails, conveniently forwarded to him/her (, without your knowing. Indeed, this hack doesn’t even steal (or need) your password.Interesting, isn’t it?
How this Hackers Triumph Works?
Now How it goes on? Below video , depicited as chinese language narration – lets got to it’s meaning.As in the video you get a mail , encouraging to click on a given link -here for eg: it’s hosted on some “Sina’s” blog platform.As you click on it the link actually heads to a malicious site which hosts a single Flash file. It says “loading…”, but nothing ever loads. (As look in the ‘Properties’ reveals the Flash file’s name to be f.swf). Then, the video’s narrator heads back to his Gmail account settings – which was open in the same browser while he visited the malicious site – to reveal that a forwarding address has been added to his settings.
It looks like a simple Gmail address – but that address is getting all your new mail delivered to it, allowing it read all your mails. Even if you were to change your email password, that forwarding address would still be in your account settings, receiving all your Gmail.As expert always advice it’s always beware on checking any sort of unknown or malicious link from your inbox.If it’s a must wanted visiting link just copy that link , note it down , sign out of your Gmail , delete all History , then try to visit it.