via Microsoft Certified Professional Magazine
Windows pros would do well to take note of a predominant trend in the realm of IT security as the week begins: e-mail accounts as both targets and attack vectors.
Adobe announced that a vulnerability in its Flash Player, patched in an out-of-band rollout on Sunday, is still being used to hack into the accounts of Gmail users.
Adobe said in its security advisory that attackers exploit the bug, a cross-site scripting (XSS) weakness, to steal Gmail usernames and passwords during a browsing session.
It was Google that first reported the problem to Adobe.
The Adobe-Gmail security punch-up comes after Trend Micro identified issues with Microsoft’s Hotmail accounts in this report. In the Hotmail case, hackers are apparently using embedded scripts to harvest usernames and passwords, so a cross-site scripting vulnerability similar to the one exploited in the Gmail incursions is being used to break into Hotmail accounts.
Microsoft’s senior response communications manager Bryan Nairn stated publicly that Redmond is working with Trend Micro to nip this problem in the bud, saying that a solution would come from a “coordinated vulnerability disclosure.”
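Both the Gmail and Hotmail incidents above turn on the same thing: a browser interpreting script that arrived inside untrusted mail content. The defensive control is output encoding, so that whatever a sender embeds is displayed literally rather than executed. The following is an added illustration written for this article, not code from Adobe, Google, Microsoft or Trend Micro; the message object shape and the `renderMessage` helper are assumptions made for the example, and the sample message is constructed.

```javascript
// Added example (not from the article): output encoding as the core XSS defence
// for untrusted e-mail content rendered in a browser, plus a simple triage check.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape the five characters that let text break out of an HTML text node or attribute.
function escapeHtml(untrusted) {
  return String(untrusted).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Renders a mail's subject and body as inert text inside the mailbox page.
// Any markup the sender included is shown literally and never interpreted.
// (The message shape {subject, body} is an assumption of this example.)
function renderMessage(msg) {
  return `<div class="mail"><h2>${escapeHtml(msg.subject)}</h2><pre>${escapeHtml(msg.body)}</pre></div>`;
}

// Heuristic flag for triage and logging only: does a body carry the ingredients a
// script injection needs? This is NOT the control (escapeHtml is); it just helps
// an operations team spot mail worth a closer look.
const SUSPICIOUS = [/<script\b/i, /\bon\w+\s*=/i, /javascript:/i];
function looksLikeScriptInjection(body) {
  return SUSPICIOUS.some((re) => re.test(body));
}

// Constructed sample message: markup in the subject and an inline handler in the body.
const sampleMessage = {
  subject: 'Invoice <b>overdue</b>',
  body: 'Please review <a href="#" onclick="/* payload omitted */">this</a><script>/* omitted */</script>',
};

// Usage: the rendered HTML contains no live tags from the sender, only escaped text.
const rendered = renderMessage(sampleMessage);
console.log(rendered);
console.log('flagged for review:', looksLikeScriptInjection(sampleMessage.body));
```

Encoding at the point of output is what prevents the embedded script from running; the regex check is deliberately separate, because pattern matching alone is easy to evade and should only feed review queues and logs, never stand in for the encoding step.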
But wait, there’s more!
As far back as March, Yahoo! Mail was also an apparent target of attackers who, instead of using cross-site scripting tactics, used an infected spreadsheet file. The corrupt attachment is specially crafted to turn the popular Microsoft Excel program into a weapon against Yahoo! Mail users unfortunate enough to open the document, exposing their systems to risks such as personally identifiable information ending up in the hands of hackers.
What this trend suggests is that hackers are targeting popular e-mail accounts that are usually accessed in a Web browser session. Unlike a secure client-side e-mail account read in a program such as Microsoft Outlook, these accounts can be accessed from any computer, anywhere, and are thus as vulnerable as any other destination on the Web.