A few days ago, I noticed that I have been getting return messages in my GMail account. I opened one of it, and noticed that I was actually sending out spams out to people in my contact list.
Thinking that it might be spoofed, I checked my outgoing folders, and to my surprised I found that I did sent out those emails. From my history of so many ancient years of using the computer, I have never got infected by a virus, or a malware before. I have yet to had any of my accounts hacked. Disbelieved, I surf around wanting for an answer.
I noticed a pattern here. The spam mail that was sent, was sent to everyone in my contact list. It was sent in such a way, that I myself would not have done, if I were to send out spams. I checked around discussion groups, and found out that I wasn’t the only one that had problems. In fact, it was a known issue with GMail where malicious sites could grab your contact list from the JavaScript if you have the malicious sites in the same browser window.
That pretty much explains it. I recalled that a couple of days ago, I was surfing and downloading torrent files of gay porns. There were couple of windows that popped up, but most of them are blocked by my popup blocker that was build-in Opera browser.
The porn that was downloaded was good actually, but that is another story. One lesson to learn is that, even with big corporation as big as Google, insecurity can sometimes happen. No matter how well a code is being coded, a simple line could have cause an issue as big as this.
I guess from now onwards, before I start surfing for porns, I better make sure I do not log in to GMail, or even online banking. Just in case.
I don’t see how it is possible for any codes to have access to your contact list unless you reveal your password.
Uhmm as for the good torrent, what is the title? and where can get? 🙂
I thought so too at first. Then again, I am using (*&@PITUYT# type of password. Not that easy for the average script kiddie.
Moreover, I found these.
http://everything2.com/e2node/GMail%2520contact%2520list%2520security%2520hole
http://groups.google.com/group/Gmail-Help-Message-Delivery-en/browse_thread/thread/e5c554347f7f3221#
oh alright, i better be sure how i use gmail then. thanks for the heads up.
and now, how about the torrent? 😉
Well Sham, I am not too sure what kinda genre you are into. However, if you read from my blog, you probably can figure it out. Do let me know if you are still interested.