Slashdot Mirror


G-Archiver Harvesting Google Mail Passwords

Thwomp writes "It appears that a popular Gmail backup utility, G-Archiver, has been harvesting users' Gmail passwords. This was discovered when a developer named Dustin Brooks took a look at the code using a decompiler. He discovered a Gmail account name and password embedded in the source code. Brooks logged in and found over 1,700 emails all with user account information — with his own at the top. According to a story in Informationweek, he deleted the emails, changed the account password, and notified Google. The creator of G-Archiver has pulled the software, stating that it was debug code and was unintentionally left in the product."

14 of 462 comments (clear)

  1. This is why I backup my Gmail with G-Archiver by Anonymous Coward · · Score: 5, Funny

    Oh, wait...

    1. Re:This is why I backup my Gmail with G-Archiver by infonography · · Score: 5, Funny

      Well he wrote it .Net, isn't that enough evidence of malicious intent?

      --
      Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
    2. Re:This is why I backup my Gmail with G-Archiver by Sleepy · · Score: 4, Funny

      >For closed source software you're stuck trying arcane trickery like this guy did in order to find out when a program is spying on you.

      Arcane trickery to see what the code is doing?
      You've obviously never edited someone else's Perl...

  2. Hmmm by Anonymous Coward · · Score: 5, Funny

    he deleted the emails But did he make a backup first?
  3. Caught by Itninja · · Score: 4, Funny

    Looks like someone got caught with their pants down in the cookie jar. That's not nearly as hot as it sounds.

    --
    I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
  4. Re:Even the courts aren't this daft by WPIDalamar · · Score: 5, Funny

    It only did send them to Gmail :)

  5. Re:Debug, Sure by tristian_was_here · · Score: 5, Funny

    I did something similar I once picked up the wrong keys yet when I went to take them back to the person I decided to let myself in and accidentally walked out with a new TV.

  6. Re:Debug, Sure by Anonymous Coward · · Score: 5, Funny

    Right. And I have a bridge I'd like to sell you too.

    Why do you feel the need to hurt the reputation and business of us legitimate bridge sellers?!?

  7. Re:Even the courts aren't this daft by Zordak · · Score: 5, Funny

    This guy deserves to be prosecuted under anti-hacking statutes. Exactly. I mean, he was using a debugger! Doesn't he know that violates the DMCA? No doubt he'll be hearing from the G-Archiver lawyers AND the DoJ soon. It's time to show this clown that, in America, we don't put up with these kinds of shenanigans. And somebody call the copyright lobby. This is exactly the story they've been looking for to justify increasing the penalties for violating copyright to capital punishment.
    --

    Today's Sesame Street was brought to you by the number e.
  8. Re:A-ha! by Roofus · · Score: 5, Funny

    Yeah, I was logged into your account and noticed that too....very strange!

  9. Re:Debug, Sure by gEvil+(beta) · · Score: 4, Funny

    oiling snakes I assume?

    And who among us can honestly say they've never oiled their snake?

    --
    This guy's the limit!
  10. Re:Debug, Sure by bcat24 · · Score: 4, Funny

    And who among us can honestly say they've never oiled their snake?
    Girls?
  11. Re:Debug, Sure by pipatron · · Score: 4, Funny

    And who among us can honestly say they've never oiled their snake? Girls?

    He said us, that clearly excludes girls.

    --
    c++; /* this makes c bigger but returns the old value */
  12. Re:Debug, Sure by DancesWithBlowTorch · · Score: 4, Funny

    And who among us can honestly say they've never oiled their snake?

    Girls?
    Who?