Cyber security news for all

More

    Mailto links can pose an unexpected security risk

    Mailto links can be used to embed a link to create an email in documents. The recipient and the subject can be specified as parameters. However, some e-mail programs also support undocumented extensions that can be used, for example, to attach any files. This worked on Linux systems.

    Mailto links are a common method of making mail addresses clickable on websites. The appropriate mail program is then usually opened with a click. Such a link usually only contains the email address, but variables can also be used to prefill the email subject or the content of the email.

    The format of a mailto link is

    <a href="mailto:[email protected]">Mail an ju</a>

    With further parameters like subject=Test you can also specify the subject. In some scenarios you can even use the keywords body and attach specify further e-mail elements, which then end up automatically in an e-mail that is ready to be sent. So then leads about

    ?subject=test&attach=/etc/passwd&body=Test-Mail

    Local Files Can Be Attached To Mails With A Parameter

    In addition to these rather harmless features, a local file can be attached directly to the mail in some mail programs using the attach parameter. An attacker could take advantage of this to try to steal a key. These are usually located in standard paths. A user might of course notice that there is an unfamiliar attachment to the mail, but it can be assumed that not all users check this before sending the mail. This file attachment feature is not part of the standard specification for mailto links. It is an unofficial extension that is used by some mail programs. According to the release, the feature is supported in the standard mail programs of the Linux desktop environments. Thunderbird itself is not affected, but can be vulnerable if the mailto links are processed using the xdg tool.

    Mailto links

    These attach parameters are not specified in the mailto standard. As it turned out, the Linux mailers are not necessarily responsible for the data leak. Thunderbird, for example, removed the short term function years ago. But the little helper xdg, which browsers use to open external links, reintroduced the dangerous mailto extensions through the back door.

    Recent Articles

    Unclear cyber attacks that target Covid-19 vaccine campaign

    Security researchers have discovered some cyber attacks that are targeted against the delivery of vaccine against COVID. The targeted attacks began in 2 months...

    New malware called Egregor is on the rise

    New malware is on the rise. The Egregor malware has only been in active for 2 months, but it is already becoming apparent that...

    Anyone with a smartphone can become a victim of cyber-mobbing

    Cyber-mobbing is becoming a huge risk in the current COVID crisis. According to a study, almost 20 percent of students in Germany are exposed...

    macOS Trojans: Traces lead to Vietnam

    Security researchers have discovered a new macOS Trojans. Behind this could be a well known hacker group that has spied on Vietnamese dissidents in...

    Court forces Tutanota to perform a surveillance function

    Tutanota email only stores its user mails in encrypted form and cannot read them itself. Tutanota is one of the few email providers that...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox