Pakistani Security Expert Shows How to Hack Gmail Successfully - Including Account-Deactivating Trick
BySecurity researcher, Ahmed Mehtab, revealed Gmail vulnerabilities that enable hackers to hijack the accounts.
The founder of Security Fuse published a report entitled 'Gmail Account Hijacking Vulnerability' and explained how he can take over a victim's account and claim it as his own. According to Mehtab, the hijack enables him to send emails from the target address.
There are a few ways on how to hack Gmail account, as reported by the Pakistani student in Security Fuse blog. For instance, if recipient has deactivated his email account or the smtp server is offline. These are conditions that have to occur to successfully hijack the address.
According to Mehtab's report, the hack is not able to hacking Google Photos, Google Drive or Google Play. These could be storing sensitive information such as credit cards account or other financial database.
How could Gmail hack happen?
Google lets users to have more than one email addresses and there is also an additional feature that enables an account to have a forwarding address.
The Gmail hijack occurs due to the way Google system links the account. It links an address to another - enabling email forwards using aliases, ProPakistani reported.
Should we be worried about the Gmail hijack?
Mehtab's contribution is surely something to take note and Google has already rolled out a patch to fix the issue quick enough.
The report was published on Oct. 20 and Google updated the patch on Nov. 1.
The tech company did not reward Mehtab with cash but lists him in the 'Hall of Fame' - which according to Mehtab, is the sad part of the research.
Here's the video that Mehtab uploaded on YouTube - demoing how he hacks Gmail account step by step.