web application security lab

Google Blind Redirects Strike Again

Checking through my logs today I found that someone was linking to my mailto: popup crash script. After checking the page out, I couldn’t find a single link to my site, only a link to Google. Suspicious, I checked where it was sending the consumer: (don’t click on that unless you want your computer to start spiraling out of control).

The words “ha”, “laughs”, “mixed bag” and “certainly” appear on the page. Because of the btnI=q parameter, Google automatically redirects to the page in question, which is being used maliciously to send people to places they didn’t intend to go. This is pretty much exactly the use case I am worried about. Consumers have no idea that “ha+-haha+mixed-bag-of+laughs+certainly” is going to crash their computer. Nor would they understand if that were to give them a virus, steal their bank account, etc. And yet this known hole is not yet fixed a year after first being reported.
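One defensive check this suggests: a link scanner that flags Google search URLs carrying the btnI parameter, since that parameter turns the search into a blind redirect to whatever page currently ranks first for the query. This is an added example, not code from the original post; the sample URLs are constructed, and the host list is an assumption (Google serves search from many regional domains).

```python
# Added example: flag "I'm Feeling Lucky" style Google search links, which
# redirect the visitor to the top result for the query instead of showing
# results. Hosts checked are an assumption; sample URLs are constructed.
from typing import List, Optional, Tuple
from urllib.parse import urlparse, parse_qs

# Assumption: only google.com and its subdomains are checked here; regional
# Google domains would need to be added for a real deployment.
GOOGLE_HOSTS = ("google.com",)

def _is_google_host(host: str) -> bool:
    return any(host == h or host.endswith("." + h) for h in GOOGLE_HOSTS)

def is_lucky_redirect(url: str) -> bool:
    """True if url is a Google search carrying btnI (the redirecting form)."""
    parts = urlparse(url)
    host = (parts.hostname or "").lower()
    if not _is_google_host(host):
        return False
    params = parse_qs(parts.query, keep_blank_values=True)
    # btnI is what makes the search redirect; without a query there is
    # nothing to redirect to, so require both.
    return "btnI" in params and "q" in params

def lucky_query(url: str) -> Optional[str]:
    """Return the decoded search query for a flagged link, else None."""
    if not is_lucky_redirect(url):
        return None
    params = parse_qs(urlparse(url).query, keep_blank_values=True)
    return params["q"][0]

def audit_links(urls: List[str]) -> List[Tuple[str, str]]:
    """Return (url, query) pairs for every link that would blind-redirect."""
    return [(u, lucky_query(u)) for u in urls if is_lucky_redirect(u)]

# Constructed sample: one redirecting link (the query from the post), one
# ordinary search, and one non-Google URL that merely imitates the shape.
SAMPLE_LINKS = [
    "http://www.google.com/search?q=ha+-haha+mixed-bag-of+laughs+certainly&btnI=q",
    "http://www.google.com/search?q=ha+-haha+mixed-bag-of+laughs+certainly",
    "http://example.com/search?q=harmless&btnI=q",
]

if __name__ == "__main__":
    for url, query in audit_links(SAMPLE_LINKS):
        print(f"blind redirect via query {query!r}: {url}")
```

Run against links harvested from mail or forum posts, a hit means the visible URL says Google but the visitor will land somewhere else entirely.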

3 Responses to “Google Blind Redirects Strike Again”

  1. Colin Newcomer Says:

    I was an idiot and clicked on the link on another forum. I noticed it ran some type of .exe file. Do you have any idea what that file does? The only thing I remember about it is that it started with an “m”

  2. Jungsonn Says:

    Sheesh… That’s real bad, I also forgot about that redirecting issue on Google.

    But if it runs an executable you must confirm it to run, right? Or am I missing something?

  3. Tadeh Says:

    I got a similar link in gmail.
    The worst part is that it goes in the Inbox folder, not the Spam folder!!!