Gmail exploit aids domain hijack

	SecurityReason
News

Search

SecurityAlert

About SecurityAlert

ExploitAlert

SecurityReason Research

	WLB
WLB Database

Send to WLB

About WLB

	RSS
News

SecurityAlert

World Laboratory of Bugtraq

ExploitAlert

Apache

PHP

	Corporate
Contact

About us

	Services
SecurePHP


	Note
If you have found a vulnerability, please send to our SecurityAlert Database : secalert()securityreason()com Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive : exploit()securityreason()com

News from: World

» Topic: Gmail exploit aids domain hijack

» Added by: John Leyden

» Date: 28.12.2007

Web designer David Airey has succeeded in recovering his domain after hackers exploited flaws in Gmail to trick his hosts into authorising a fraudulent transfer.

Airey's woes began when he took his girlfriend for a month-long holiday to India on 21 November, a trip he mentioned in his blog. The holiday was a break from work and he only occasionally checked his emails.

All seemed well until shortly before his return when Airey received an email from a friend informing him that his website, Davidairey.com, had "disappeared".

At first Airey thought he'd made a mistake and allowed his domain name to expire and a domain poacher had snapped it up before he got the chance to renew it. Subsequent digging revealed a darker truth: hackers had posted a bogus transfer request on his web host support panel the day Airey left for India.

This, alongside an attack on a Gmail account run by Airey, allowed them to seize his domain and hold it for ransom. Initially crooks demanded $650 before dropping their offer down to $250.

Airey's host, ICDSoft, were unable to reverse the transfer. The transfer request was initially sent to Airey's Gmail account but forwarded to crooks after they used an exploit to forward the email to a third-party account. Gmail has since fixed the flaw but Airey says that users would still be wise to check their account settings to verify that they too haven't been hit by the hack.

Recovering the domain through legal action would eat up far more in lawyer's fees, perhaps a minimum of $1,500, and might take months. During that time Airey would also lose passing trade that the domain brought in. In the meantime Airey has established an alternative Davidairey.co.uk website.

While it might be a pragmatic decision to give in to fraudsters Airey vowed to fight on, rallying considerable support in the process.

Three days after reporting how a Gmail security flaw resulting (in part) in the theft of his domain name Airey was able to recover the address. GoDaddy.com staff, the registrar with who his domain had been parked, helped him undo the transfer request.

Airey's account of the web hijack and its aftermath can be found here.

Source : http://www.theregister.co.uk/

	Alert
BSD libc (strfmon) Multiple vulnerabilities - 2008-03-25 Maksymilian Arciemowicz discovered a Integer Overflow vulnerability in the libc library "strfmon()" function.A vulnerability could allow an attacker who successfully exploits this vulnerability to take control of the affected BSD systems.


	Apache
» Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability

» Apache Tomcat information disclosure vulnerability

» Apache Tomcat XSS vulnerability

» Apache-SSL memory disclosure



	PHP
» PHP 5.2.6 chdir(),ftok() (standard ext) safe_mode bypass

» PHP 5.2.6 posix_access() (posix ext) safe_mode bypass

» PHP 5.2.5 and prior : *printf() functions Integer Overflow

» PHP 5.2.5 cURL safe_mode bypass