London: Internet search giant Google has fixed a security lapse that could have allowed hackers to impersonate its social networking site Google+.
The flaw involved an exploit of ID credentials that browsers use to ensure a website is who it claims to be.
By using fake credentials, criminals could have created a website that purported to be part of the Google+, the BBC reports.
The fake ID credentials have been traced back to Turkish security firm TurkTrust, which mistakenly issued them.
According to the report, the lapse was spotted when automatic checks built into Google''s Chrome browser noticed someone was using the program with an unauthorised certificate for the "*.google.com" domain.
Had this not been detected the person could have gone onto to impersonate Google+, Gmail and other services run by the US firm, the report added.
Google said it alerted other browser-makers to the threat after its discovery.