Computer Crime Research Center

etc/google_accellerator.gif

Possible Google toolbar hacking

Date: December 22, 2007
Source: news.digitaltrends.com
By: Christopher Nickson

Are you like many others, with a Google Toolbar added on to your browser? If so, you’d better be careful about adding buttons to it. According to a story on TechNewsWorld, a security researcher has found a vulnerability that could allow a hacker to get control of your PC if you add a button.

Google has an API that allows users to create toolbar buttons, with the information stored in an XML file. A user needs to use a link to the XML file to install it.

The problem, researcher Aviv Raff found, occurs after someone clicks on that link, which is supposed to give information about the button. But an astute hacker can throw in a spoof redirected link instead, so instead of the button coming from Google, it comes from the hacker and could contain malware.

Original article



Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo