Saturday, 2 May 2015

Google Password Alert Patched And Again Circumvented



Wednesday, Google unveiled an extension for Chrome that Google password to protect the users against phishing attacks. Once users to a phishing site have completed their password they get a warning Password Alert , as the extension is called, and the ability to change their Google password.


The operation was not infallible, because not a day later, the British security consultant Paul Moore Password Alert via a script of seven lines circumvented , as he made ​​via Twitter announced. The script, which the consultant claimed it made ​​in two minutes, ensured that users were given no warning to be seen. Today Google launched an update to version 1.4 to address the onslaught of Moore. An hour ago, Moore, however, managed to also get around this version, let him again via Twitter know.

Update May 2

The Dutch security company Securify published yesterday a comprehensive proof-of-concept in order to avoid the extension, but it seems that Google has solved this attack since yesterday version 1.5 appeared.

No comments:

Post a Comment