A vulnerability has been detected in the Google mail system, Gmail which is related to the verification process of the email service. which allows the theft of email accounts.
It was a Pakistani hacker who was in charge of noticing this bug, it seems that a large number of websites are implementing some type of software so that hackers (in this case ethical hackers) and researchers can find security flaws in websites and reward them for it.
Google is one of the giants of the Internet, invites everyone to discover flaws in its services and reward sometimes large amounts of moneywith a single objective: to make Google services more secure.
The operation of this vulnerability is associated with account verification, that is, Google allows us to work together with several accounts of Gmail that you own, it appears that this Pakistani hacker discovered a bug whereby the account could be hijacked via email ID.
There is only one way for this vulnerability to be exploited and that is that the recipient of the SMTP is not online, that is, they must be offline so that the email ID does not exist.
It all relies on the attacker, when trying to confirm ownership of the email address a verification email is sent, the The new email address is unable to receive said code and a code is sent back to the sender in such a way that if the attacker obtains the code, he can become the owner of the email account.
What do you think about the new? Do you have multiple Gmail accounts?
