Home Hacking News Google App Phishing Flaw Discovered by Two Security Researchers
Hacking News

Google App Phishing Flaw Discovered by Two Security Researchers

by Unallocated Author
written by Unallocated Author
Google App Phishing Flaw Discovered by Two Security Researchers

Google app phishing flaw discovered by two security researchers; Patrik Fehrenbach and Behrouz Sadeghipour have discovered a vulnerability in Google Apps which enabled cyber criminals to register a corporate domain and the send non-blocked phishing emails from admin email addresses.

The Choc Factory have since patched the flaw and awarded the US$500 to the researchers as a bounty.

the vulnerability allowed attackers to register the name of a company that had not yet signed up to Google Apps for Work, they could then send phishing emails to staff, making it appear to come from a legitimate corporate domain. This also meant that spam filters were not tripped.

Google have since patched the vulnerability by altering the received email address from admin to [email protected].

See the video below for details of how the flaw worked:

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

You may also like

OWASP Disclosed Data Breach Affecting Old Members

Popup Builder Plugin Flaw Exploited To Infect WordPress...

Pipidae – the latest malware to take over...

Unmasking the Multi-Stage AiTM Phishing and BEC Attack...

Xiaomi Phones’ TEE Vulnerability May Allow Forge Mobile...

Research Finds Facebook Tracks In-App Browser Activities On...

Researchers Discover Zimbra Authentication Bypass Flaw Under Attack

Palo Alto Warns About PAN-OS Vulnerability Under Attack

Ducktail Malware Targets Facebook Business Accounts Via LinkedIn...

Researchers Discover Malware Actively Targeting Digium VoIP Phones