Posted on May 11, 2018 at 2:24 PM
Hackers are Sending Google Maps Users to Infected Sites Due to the Flaw
Researchers from the IT security company called Sophos found a flaw in Google Maps that allows hackers to trick users into visiting malicious websites. The flaw lies in the app’s link-sharing service.
New flaw in Google Maps
A new discovery was made by the researchers from Sophos, and it is bad news for anyone who uses Google Maps on regular basis. According to the researchers, hackers have found a flaw in the app’s service that allows for link sharing. Thanks to this vulnerability, hackers have managed to redirect users to various malicious websites.
It is not possible for hackers to change the official URLs that Google Maps is using. However, there is a flaw in the “maps.app.goo.gl” service that can allow them to redirect users to websites infected by malware, as well as those used for phishing.
Obviously, users would notice that the links are different than what they should look like, which is why hackers applied URL shorteners to hide their true form.
One of the most often used malicious websites is a Russian page that has been a host for a dieting scam.
It would seem that hackers have been able to use this flaw due to the fact that this sharing feature is not one of the app’s official products. The tool itself does not collect any reviews, nor does it configure or report fake links.
How does it work
Mark Stockley from Sophos has stated that the Google URLs are usually trusted by the users, while the Russian URLs are not. Because of this, the hackers are redirecting users from a Russian URL to a Google’s URL, which masks the real one.
He added that, in order to avoid such redirections, the code that performs them should show users only those URLs that are following certain patterns. Basically, what this means is that the URL should have Google Maps’ link parameters, and if it doesn’t, then the redirection should now be allowed.
Flaws and vulnerabilities like this are an old issue, and there were already several reports of such problems in the past. For example, back in September of the previous year, there was a report by a security researcher by the name of “LewisBugBounty. This researcher has announced the discovery of this very vulnerability and has stated that it has the potential to affect not only the website but its users as well.