Posted on October 31, 2017 at 5:04 PM
New security flaws in Google’s system has left their data vulnerable to theft.
A security researcher recently managed to obtain access to Google’s most sensitive and dangerous vulnerabilities due to several flaws found in the company’s internal bug tracker.
The Issue Tracker, or Buganizer as it’s often referred to, is a tool for security researcher and experts to track down bugs and report issues associated with the newly found bug, as it relates to Google’s services, software, and devices.
While the average user has limited access to the Buganizer, a security researcher recently found that he could obtain access to the system’s back-end, as well as thousands of bug reports, by just imitating a Google corporate email address. Several of the bug reports that the researcher gained access to had “priority zero” status, which indicates a severely dangerous bug. It is likely that this vulnerability could be severely damaging if it falls into the wrong hands.
The researcher responsible for finding the flaw, Alex Birsan, noted that a hacker could have easily exploited the vulnerabilities to compromise Google accounts, or even get access to Google’s internal system.
In a report, Birsan wrote that before verifying a new Gmail account, a user is able to change their email address to any email address, even to that of a Google corporate account.
Even though Birsan’s fraudulent corporate account denied him direct access to Google’s internal infrastructure, he was able to access the Issue Tracker. This allowed him access to view and engage with all bug reports. In addition, he could also opt to receive notifications and progress updates on all the bug reports.
After gaining access to the Issue Tracker, Birsan was able to view any bug he chose, even the most sensitive bugs. This is attributed a lack of comprehensive validation of a user’s account and permission when opening each report.
In addition, Birsan was allowed to export information regarding bugs using only one request. This allowed him to track all bug activity in real time.
After Birsan notified Google, his access has been revoked, and the vulnerability was addressed within the hour.
Birsan explained that security flaws of this magnitude are generally rectified in record speeds. However, the researcher also added that an attacker could probably compromise Google accounts if the hacker had specific targets. However, Birsan noted that a larger attack that could impact thousands of accounts was probably impossible.
Information regarding bugs would have been invaluable information for the hacking community, who have been specifically targeting technology companies as of late. In early October, reports confirmed that the Microsoft bug database also carried detrimental flaws which could leave their data vulnerable to being exposed.
Google has awarded Birsan with $15,600 as bug bounties and granted him an additional $3,133 to continue researching flaws and vulnerabilities in the system.
A spokesperson for Google confirmed the company’s appreciation of Birsan’s efforts and reports and stated that the company has since addressed and patched the specific security vulnerability.