Cedric Ang

A few days ago, I noticed that I have been getting return messages in my GMail account. I opened one of it, and noticed that I was actually sending out spams out to people in my contact list.

Thinking that it might be spoofed, I checked my outgoing folders, and to my surprised I found that I did sent out those emails. From my history of so many ancient years of using the computer, I have never got infected by a virus, or a malware before. I have yet to had any of my accounts hacked. Disbelieved, I surf around wanting for an answer.

I noticed a pattern here. The spam mail that was sent, was sent to everyone in my contact list. It was sent in such a way, that I myself would not have done, if I were to send out spams. I checked around discussion groups, and found out that I wasn’t the only one that had problems. In fact, it was a known issue with GMail where malicious sites could grab your contact list from the JavaScript if you have the malicious sites in the same browser window.

That pretty much explains it. I recalled that a couple of days ago, I was surfing and downloading torrent files of gay porns. There were couple of windows that popped up, but most of them are blocked by my popup blocker that was build-in Opera browser.

The porn that was downloaded was good actually, but that is another story. One lesson to learn is that, even with big corporation as big as Google, insecurity can sometimes happen. No matter how well a code is being coded, a simple line could have cause an issue as big as this.

I guess from now onwards, before I start surfing for porns, I better make sure I do not log in to GMail, or even online banking. Just in case.

No related posts.