🚨🚨🚨 Really major Gmail phishing attack going around right now. Do NOT click on an unexpected "Open in Docs" link.
Whether or not you have, now is a great time to review the apps you've authed to your account: https://security.google.com/settings/security/permissions
@xor what does it look like after clicking on it? Is it a zero interaction thing or is there the normal "authorize blah blah blah"? What does that page look like?
@nightpool @xor Judging from articles, it sounds like it asks you to authorize an app but it the app has the same name and icon as the actual Google Docs
@chris @nightpool this is correct. The URL for the app (not displayed but you can hover to see) is a not-Google link. Extremely subtle.
If "Google Docs" appears in the list I linked, nuke it
@xor @chris @nightpool from what I can tell (and based on the conversation on HN) it appears it redirects to googledocs.gdocs.pro after getting the OAuth token. Wish I had an actual example.
@wxl @xor @nightpool Yup, it has the redirect URLs in the code linked here: https://toot.works/@chris/81914 https://toot.works/media/cLpTPgkh8MK2fQIsMWM
@chris @xor @nightpool tl;dr no one should be expecting their apps to have access to their apps on the same service.
@xor @chris pour one out for the networks we've lost
https://cybre.space/media/gtE_NbrKgfgU6-Jxc2A