At the recent Black Hat security conference, Robert Graham, the CEO of Errata Security, demonstrated on camera how he hijacked a Gmail session and read the victim’s email. He sniffed the Wi-Fi network for cookies and copied them onto his notebook using his self-made tool, Hamster. The hack doesn’t need the victim’s username or password to work; it only requires an IP address.
This hack is reported to work on almost any cookie-based web application, so other web-based email services such as Yahoo Mail and Hotmail are vulnerable as well.
The good news is that this hack can easily be prevented with the use of SSL or another form of encryption. However, it is reported that Internet users seldom use this form of security measure when accessing their email, which puts them at risk.
For example, accessing Gmail from http://mail.google.com leads you to an SSL page where you enter your username and password. However, you are then redirected to a non-SSL page to read your email, where your session cookie travels in the clear, which puts you in a vulnerable situation.
On the other hand, accessing Gmail from https://mail.google.com (that doesn’t work for me, which is why I’m using https://mail.google.com/mail?tab=wm instead) forces Gmail to redirect you to an SSL page after login.
Some photos of the hacking demonstration are available. Remember to always use an SSL page (https) whenever there is such an option. Protect yourself online.
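The weakness described above, a session cookie issued over https that the browser then sends back in the clear once the site redirects to http, is exactly what the Secure cookie attribute prevents. The following added example (not from the post, and not Google’s code) audits a constructed set of Set-Cookie headers for cookies a browser would transmit over plain http, and shows how to harden them; the cookie names, values and domain are made up.

```python
"""Audit Set-Cookie headers for session cookies that a browser would still
send over plain http://, and show the hardened header. Added example."""
from dataclasses import dataclass
from urllib.parse import urlparse


@dataclass
class Cookie:
    name: str
    value: str
    secure: bool     # browser sends it only over https
    httponly: bool   # not readable from page scripts


def parse_set_cookie(header: str) -> Cookie:
    """Parse 'name=value; Path=/; Secure; HttpOnly' into a Cookie."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {p.lower() for p in parts[1:]}
    return Cookie(name.strip(), value, "secure" in attrs, "httponly" in attrs)


def sent_in_clear(cookie: Cookie, url: str) -> bool:
    """True if a browser would attach this cookie to a request for url over http."""
    return urlparse(url).scheme == "http" and not cookie.secure


def audit(set_cookie_headers, next_url):
    """Names of cookies that would be exposed to a Wi-Fi sniffer on next_url."""
    return [c.name for c in map(parse_set_cookie, set_cookie_headers)
            if sent_in_clear(c, next_url)]


def harden(header: str) -> str:
    """Return the header with Secure and HttpOnly appended where missing."""
    c = parse_set_cookie(header)
    missing = [f for f, present in (("Secure", c.secure), ("HttpOnly", c.httponly))
               if not present]
    return header + "".join("; " + f for f in missing)


# Constructed sample mimicking the post-login redirect described in the post:
# cookies set on the https login page, then replayed to an http mailbox page.
LOGIN_RESPONSE = [
    "SID=abc123; Domain=.example.com; Path=/",           # session cookie, no Secure
    "PREF=lang=en; Domain=.example.com; Path=/",         # harmless preference
    "SSID=def456; Domain=.example.com; Path=/; Secure",  # only sent over https
]

if __name__ == "__main__":
    print(audit(LOGIN_RESPONSE, "http://mail.example.com/inbox"))   # ['SID', 'PREF']
    print(audit([harden(h) for h in LOGIN_RESPONSE], "http://mail.example.com/inbox"))  # []
```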
If you’re using Firefox, you can automatically switch over to https for Gmail and Google Reader, as well as perform lots of other Google customisations, by installing the Customize Google extension.
I tried your method which is to hit the HTTPS version of the main page but it still goes back to non-HTTPS after I’ve logged in. I tried out the extension that Azmeen recommended and it works a treat. 🙂
I didn’t notice whether he was using http or https when logging in.
@Azmeen
Thanks for the info, Azmeen! 🙂
@mooiness
Hmmm… that is strange. I tried it on FF and IE. They both worked for me (as shown in the screenshot above).
@Hasbullah Pit
I think he was using http when he was hacked. If he had used https, the chance of him being hacked would be very slim.
Dear Sir,
Someone regularly opens my Gmail account. How do I protect my account, and how can I find out who the culprit is?
@rrr
Wow, this is beyond my knowledge. You should first change your password to something more complex; mix letters and numbers in it. And change all your “security questions”. Log in to Gmail using https://mail.google.com. That’s all I can help with. I have no idea how you can detect the person entering your account, though. All the best.
Hi! I think most of the hacking being done is not actual hacking but in fact social engineering or phishing. People fall prey and end up losing their usernames/passwords. This cannot be termed hacking. The only way is to educate people so they can guard themselves against social engineering, but when people are still using IE6, it’s a bit difficult to get this going.