Hackers have a new tool that downloads Gmail, Yahoo, Outlook inboxes
Date:
Tue, 23 Aug 2022 19:29:48 +0000
Description:
Iranian state-sponsored actors are behind the attacks, says Google.
FULL STORY ======================================================================
Iranian state-sponsored hackers have built a new tool capable of downloading Gmail, Yahoo, and Outlook inboxes, and are using it against unknown high-profile targets.
This is according to a new report from Google's Threat Analysis Group (TAG), which managed to obtain a version of the tool and perform an analysis to see just how dangerous it is.
As per the report, the tool in question is called HYPERSCAPE, and was built back in 2020 by the government-backed group known as Charming Kitten.
Charming Kitten attacks
According to Google, the tool works on the attacker's endpoint, which means victims don't have to be tricked into downloading any malware. They do, however, need to either have their account credentials compromised or session cookies stolen, as the attacker first needs to log into their account.
Once that step is achieved, the tool will trick the email service into thinking it's being accessed via an outdated browser, and will switch to the basic HTML view.
After that, it will change the inbox's language to English, start opening emails one by one, and download them in .eml format. Email messages that were marked as unread before the attack will be marked as unread afterward as well. Once that stage is done, it will delete any warning emails, revert the language back to its original state and disappear.
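The behaviours described above (basic HTML view, a language switch to English that is later reverted, read messages set back to unread, warning emails deleted) can be correlated per session as a detection heuristic. The following is an added example, not code from Google's report or from the article; the event schema, field names and threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample events; the schema (session, action, detail) is hypothetical
# and stands in for whatever mail audit log a defender actually has.
EVENTS = [
    {"session": "s1", "action": "login", "detail": "ui=standard"},
    {"session": "s1", "action": "open_message", "detail": "id=1"},
    {"session": "s2", "action": "login", "detail": "ui=basic_html"},
    {"session": "s2", "action": "set_language", "detail": "fa->en"},
    {"session": "s2", "action": "open_message", "detail": "id=1"},
    {"session": "s2", "action": "mark_unread", "detail": "id=1"},
    {"session": "s2", "action": "open_message", "detail": "id=2"},
    {"session": "s2", "action": "delete_message", "detail": "category=security_alert"},
    {"session": "s2", "action": "set_language", "detail": "en->fa"},
]

def session_indicators(events):
    """Return {session: sorted list of indicators} for the behaviours in the article."""
    by_session = defaultdict(list)
    for ev in events:
        by_session[ev["session"]].append(ev)
    result = {}
    for sid, evs in by_session.items():
        found = set()
        opened, lang_changes = set(), []
        for ev in evs:
            action, detail = ev["action"], ev["detail"]
            if action == "login" and detail == "ui=basic_html":
                found.add("basic_html_view")
            elif action == "set_language":
                lang_changes.append(tuple(detail.split("->")))
            elif action == "open_message":
                opened.add(detail)
            elif action == "mark_unread" and detail in opened:
                found.add("unread_state_restored")
            elif action == "delete_message" and detail == "category=security_alert":
                found.add("security_alert_deleted")
        # Language switched to English and later switched back to the original.
        for i, (old, new) in enumerate(lang_changes):
            if new == "en" and any(o == "en" and n == old for o, n in lang_changes[i + 1:]):
                found.add("language_round_trip")
        result[sid] = sorted(found)
    return result

def suspicious_sessions(events, threshold=3):
    """Sessions showing at least `threshold` distinct indicators together."""
    return [s for s, ind in session_indicators(events).items() if len(ind) >= threshold]
```

Each indicator on its own is common in legitimate use; the heuristic only flags sessions where several of them occur together.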
Apparently, the tool has so far been used against no more than two dozen accounts, all located in Iran. Google says it notified all of them via its Government Backed Attacker Warnings. The tool was written in .NET for Windows PCs, TAG added, saying it tested it with Gmail, although functionality may differ for Yahoo! and Microsoft accounts.
Earlier versions of HYPERSCAPE also allowed threat actors to request data from Google Takeout, a feature allowing users to export their data to a downloadable archive file. The feature doesn't seem to be available in the latest version, however.
======================================================================
Link to news story:
https://www.techradar.com/news/hackers-have-built-a-new-tool-that-downloads-your-gmail-yahoo-outlook-inbox/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)