
Google login page has a bug, could lead to malware download

AGE CORRESPONDENT
Published : Aug 31, 2016, 1:52 am IST
Updated : Aug 31, 2016, 1:52 am IST


British security researcher Aidan Woods stumbled on a bizarre bug with Google's login page. The bug lets an attacker trigger an automatic file download on the user's computer when the user presses the 'Sign In' button, as reported by Softpedia.

The problem is believed to occur because Google accepts "continue=[link]" as a parameter in the login page URL, which tells the Google server where to redirect the user after authentication. Google anticipated that this parameter might cause security issues and limited its use to Google.com domains with the rule '*.google.com/*', where * is a wildcard.

However, Woods figured out that 'drive.google.com' and 'docs.google.com' links therefore pass easily as valid 'continue' parameters within the login URL. An attacker could upload malware to their Google Drive or Google Docs account, and these links could be passed on via email or plain messages. Users who receive such a link would most likely be tricked into thinking it is the real Google login URL. When the user clicks the link and logs in, a file is automatically downloaded to the victim's PC, without the user's confirmation, when the user presses the 'Sign in' button.
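The gap between the wildcard rule and a stricter redirect policy, shown as an added example that is not code from the article, Woods or Google: it models the '*.google.com/*' rule as a subdomain suffix check and compares it with an exact-host allow-list. The `EXACT_HOSTS` entries, the function names and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Hypothetical hardened policy: exact hosts that serve no user-uploaded files.
EXACT_HOSTS = frozenset({"accounts.google.com", "myaccount.google.com"})


def _https_host(url):
    """Return the lower-cased host of an absolute https URL, else None."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return None
    if parts.scheme != "https" or not parts.hostname:
        return None
    if parts.username or parts.password:  # no userinfo in a redirect target
        return None
    return parts.hostname.lower()


def wildcard_allows(url):
    """Assumed model of the '*.google.com/*' rule: any subdomain passes."""
    host = _https_host(url)
    return host is not None and host.endswith(".google.com")


def exact_allows(url):
    """Hardened check: the host must be on the exact allow-list."""
    return _https_host(url) in EXACT_HOSTS


def policy_gap(urls):
    """URLs the wildcard rule accepts but the exact allow-list rejects."""
    return [u for u in urls if wildcard_allows(u) and not exact_allows(u)]


# Constructed sample 'continue' values; the paths are placeholders.
SAMPLES = [
    "https://myaccount.google.com/",
    "https://drive.google.com/constructed-file-link",
    "https://docs.google.com/constructed-file-link",
    "https://google.com.example.net/",
    "http://drive.google.com/constructed-file-link",
]

if __name__ == "__main__":
    for url in policy_gap(SAMPLES):
        print("wildcard-only:", url)
```

Running `policy_gap` over logged or configured redirect targets lists the destinations that pass only because of the wildcard, which is the set to review when a file-hosting subdomain shares the trusted domain.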

Woods says that he attempted to notify Google's security team about the issue, but they closed all three bug reports he opened. Below is the answer he received from Google:

'Thanks for your bug report and research to keep our users secure! We've investigated your submission and made the decision not to track it as a security bug. This report will unfortunately not be accepted for our VRP. Only first reports of technical security vulnerabilities that substantially affect the confidentiality or integrity of our users' data are in scope, and we feel the issue you mentioned does not meet that bar.'