A GMAIL FLAW ALLOWS THE THEFT OF MESSAGES
Monday, 01 October 2007
A web vulnerability analyst discovered last Tuesday a CSRF (cross-site request forgery) hole in Gmail that makes it easy to get into the mail accounts of this service and to forward the e-mail, "past as well as future", to the attacker's inbox using Gmail's filter feature.
According to Petko Petkov, who discovered the worm that triggers the attack, it could begin with a victim visiting a malicious website while still logged in to their Gmail account. From that site, a multipart/form-data POST (the HTML request used to upload files) could be sent to one of Gmail's application programming interfaces, installing a malicious filter in the user's filter list.
Petkov has published some screenshots on Gnucitizen.org explaining the attack. "The attacker can write a filter that looks for e-mail with attachments and forwards it to a mail address of his choice. This filter will automatically transfer all the e-mail that matches the rule." He notes that "future e-mail will also be forwarded. The attack will keep running for as long as the victim keeps her filter list, even if the initial vulnerability that caused the infection is fixed by Google." The Internet company, for its part, has not commented on the vulnerability, nor, in the event it exists, on when it would fix the problem.
Following Petkov's post, another user claims that a Firefox extension can block the damage done by the Gmail worm. He is Giorgio Maone, creator of the NoScript add-on, who states that his extension blocks CSRF attacks from untrusted sites. Specifically, NoScript blocks JavaScript, Java and other executable content from fraudulent pages. Firefox users can download it from Mozilla's add-ons site.
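The root cause described above is a state-changing endpoint that honours any request carrying the victim's session cookie, and the persistence mechanism is a filter that forwards mail to an outside address. The following Python is an added example, not code from Gmail, Petkov or this article: it models a hypothetical webmail "add filter" endpoint twice, first in the vulnerable form the article describes and then with two server-side CSRF defences (an Origin header check and a session-bound synchronizer token), replays a constructed cross-site POST against both, and finishes with an audit that flags filters forwarding to an external domain. The origins, session store and filter structure are all constructed for the example.

```python
import hmac
import hashlib
import secrets
from typing import Optional

# Constructed in-memory state standing in for a webmail backend (assumption:
# nothing here is Gmail's real code or data model).
SERVER_SECRET = secrets.token_bytes(32)
OUR_ORIGIN = "https://mail.example"            # hypothetical webmail origin
SESSIONS = {"sess-victim": "victim@example"}   # session cookie -> account
FILTERS = {"victim@example": []}               # account -> installed filters


def csrf_token_for(session_cookie: str) -> str:
    """Synchronizer token derived from the session secret-keyed HMAC, so the
    server can recompute it without extra storage; our own pages embed it in
    their forms, and a page on another origin cannot read it."""
    return hmac.new(SERVER_SECRET, session_cookie.encode(), hashlib.sha256).hexdigest()


def vulnerable_add_filter(session_cookie: str, form: dict) -> int:
    """The pattern the article describes: any POST that carries the victim's
    session cookie is accepted, so a cross-site form submission succeeds."""
    account = SESSIONS.get(session_cookie)
    if account is None:
        return 401
    FILTERS[account].append(form["filter"])
    return 200


def hardened_add_filter(session_cookie: str, form: dict, origin: Optional[str]) -> int:
    """Same endpoint with two independent CSRF checks: the browser-set Origin
    header must be ours, and the form must carry the session-bound token."""
    account = SESSIONS.get(session_cookie)
    if account is None:
        return 401
    if origin != OUR_ORIGIN:          # cross-site form posts carry the attacker's origin
        return 403
    token = form.get("csrf_token", "")
    if not hmac.compare_digest(token, csrf_token_for(session_cookie)):
        return 403                    # missing or forged token
    FILTERS[account].append(form["filter"])
    return 200


def external_forwarding_filters(filters: list, own_domain: str) -> list:
    """Audit check: filters that forward to an address outside own_domain are
    the persistence mechanism the article describes and deserve review."""
    return [f for f in filters
            if f.get("forward_to") and not f["forward_to"].endswith("@" + own_domain)]


def simulate() -> dict:
    """Replay a constructed cross-site POST against both handlers, then a
    legitimate same-origin submission, and audit the resulting filter list."""
    FILTERS["victim@example"].clear()
    # Constructed hostile form: no token, because the attacker's page cannot know it.
    hostile = {"filter": {"match": "has:attachment", "forward_to": "drop@attacker.example"}}
    results = {}
    results["vulnerable"] = vulnerable_add_filter("sess-victim", hostile)
    results["installed_after_vuln"] = len(FILTERS["victim@example"])
    results["hardened_cross_site"] = hardened_add_filter(
        "sess-victim", hostile, origin="https://attacker.example")
    # Legitimate submission from our own page, with the token it embedded.
    legit = {"filter": {"match": "from:billing", "forward_to": "me@example"},
             "csrf_token": csrf_token_for("sess-victim")}
    results["hardened_legit"] = hardened_add_filter("sess-victim", legit, origin=OUR_ORIGIN)
    results["external_forwards"] = len(
        external_forwarding_filters(FILTERS["victim@example"], "example"))
    return results


if __name__ == "__main__":
    print(simulate())
```

The two checks are deliberately independent: the Origin header defeats the plain cross-site form post even if a token leaks, and the token defeats a request whose Origin is absent or spoofed by a non-browser client. The audit function is the defender's counterpart to the article's remark that the attack keeps running for as long as the filter remains: fixing the endpoint does not remove filters already installed, so existing filter lists have to be reviewed separately.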