Home Hacking News Google App Phishing Flaw Discovered by Two Security Researchers
Hacking News

Google App Phishing Flaw Discovered by Two Security Researchers

by Unallocated Author
written by Unallocated Author
Google App Phishing Flaw Discovered by Two Security Researchers

Google app phishing flaw discovered by two security researchers; Patrik Fehrenbach and Behrouz Sadeghipour have discovered a vulnerability in Google Apps which enabled cyber criminals to register a corporate domain and the send non-blocked phishing emails from admin email addresses.

The Choc Factory have since patched the flaw and awarded the US$500 to the researchers as a bounty.

the vulnerability allowed attackers to register the name of a company that had not yet signed up to Google Apps for Work, they could then send phishing emails to staff, making it appear to come from a legitimate corporate domain. This also meant that spam filters were not tripped.

Google have since patched the vulnerability by altering the received email address from admin to [email protected].

See the video below for details of how the flaw worked:

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

You may also like

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA

Kia Dealer Portal Vulnerability Risked Millions of Cars

Latest Octo Malware Variant Mimics Popular Apps Like...

Oil Giant Halliburton Partly Went Offline Following Cyberattack

New “sedexp” Linux Malware Remained Undetected For Two...

FlightAware Confirmed Data Breach Happened Due To Configuration...

Cyberattack On Mobile Guardian MDM Wiped Connected Devices

OWASP Disclosed Data Breach Affecting Old Members

Popup Builder Plugin Flaw Exploited To Infect WordPress...

Pipidae – the latest malware to take over...