Google Reader Sharing CSRF

Google Reader’s “share item” function has been known to be vulnerable to CSRF for quite some time, but this is the first time I have personally witnessed such an attack (not a particularly malicious one, but it can be highly viral). Just in case you run into similar sites, as the people above did, remember this Internet rule:

A “Click-here-to-view-more-hot-girlz” site is always a scam; the only difference is how much trouble it can bring you.

Attached is the source for your viewing pleasure: a straightforward attack, and because it spreads through Google Reader/Buzz, which itself builds on top of a “trusted relationship”, we expect exponential victim growth (i.e. the victim platform carries the virus further; this symptom has been observed in various attacks on social services, for instance the Twitter/Facebook attacks).

source (at) pastebin, also wiki on CSRF

Update at 19:42 GMT+8: Some high-profile GR users are now affected, expect this CSRF to affect a lot more people. Check your GR Share & Notes if you have been to this site.

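Update at 20:29 GMT+8: Can't be bothered to translate this into Chinese... In one sentence: if you have visited, via GR or Twitter, a certain site calling itself a “beauty aggregator ranked by user clicks”, please check your GR shared items and comments. Your GR account password is safe.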

Update at 21:12 GMT+8: Edited article to reflect latest status.

Author: 店长

The Master of BitInn

6 thoughts on “Google Reader Sharing CSRF”

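  1. If you have linked GR with Twitter... oh hahaha.

    Some people even clicked a dozen or so times in a row, so they shared this page on GR a dozen or so times, and all of it ended up showing in their Twitter timeline.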

  2. In GR, the second item right below this blog post of yours happens to be the beauty aggregator item shared by someone else...

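  3. I clicked a link someone posted on Twitter and got hit…
    As soon as I saw this post I went and deleted the shared item. If the “Your GR account password is safe” part is certain… then I can't be bothered to change my password =,=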

  4. Didn't the guy who created Facebook start out at Harvard doing exactly this kind of thing…..
