Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the hcaptcha-for-forms-and-more domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the hcaptcha-for-forms-and-more domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114
Dubai Tech News

Gmail Hacked: Google Says New Attack Can Read All Email Messages

Cybersecurity Gmail Hacked: Google Says New Attack Can Read All Email Messages Davey Winder Senior Contributor Opinions expressed by Forbes Contributors are their own. Co-founder, Straight Talking Cyber New! Follow this author to stay notified about their latest stories. Got it! Aug 23, 2022, 10:58pm EDT | New! Click on the conversation bubble to join the conversation Got it! Share to Facebook Share to Twitter Share to Linkedin Google’s Threat Analysis Group warns of new espionage group Gmail threat PA Images via Getty Images A newly published report from Google’s Threat Analysis Group (TAG) has revealed that an espionage threat group it says is backed by the Iranian government has a new tool that has been used to successfully hack a small number of Gmail user accounts.

The group goes by the name of Charming Kitten, although this cat is far from charming and has very sharp claws, it would appear. The report, written by TAG’s Ajax Bash, confirms that the tool, called HYPERSCRAPE, is “used to steal user data from Gmail, Yahoo!, and Microsoft Outlook accounts. ” MORE FROM FORBES Google Confirms Chrome Zero-Day #5 As Attacks Begin, Update Now By Davey Winder Bash confirms that the state-sponsored group behind the HYPERSCRAPE hack has already successfully compromised a small number of Gmail accounts.

“We have seen it deployed against fewer than two dozen accounts located in Iran,” Bash said, adding that Google had notified the affected users and “taken actions to re-secure these accounts. ” What is HYPERSCRAPE? The HYPERSCRAPE tool was first detected by Google TAG researchers in December 2021, although further investigation revealed the oldest attack seems to date to 2020. MORE FOR YOU iOS 15: Apple Issues 22 Important iPhone Security Updates Widely-Used Hikvision Security Cameras Vulnerable To Remote Hijacking iOS 15 Is Available Now With These Stunning New iPhone Privacy Features It uses spoofing techniques so as to seem to be an old, outdated web browser.

This enables the tool to ‘see’ Gmail inboxes in a basic HTML view. HYPERSCRAPE can step through the contents of the compromised Gmail inbox and other mailboxes to download the email messages one at a time. Once it has completed this process, the emails are marked as unread, and any Google security messages or warnings are deleted.

Bash also said that some versions of the hacking tool were able to export all user data as a downloadable archive using the Google Takeout feature. It is unclear if or why, this feature was removed. How dangerous is HYPERSCRAPE? Obviously, to those targeted by Charming Kitten, HYPERSCRAPE is a very dangerous threat.

However, those targets will be very carefully selected, and, as Bash has said, only a handful of users are known to have been compromised. All of those users were based in Iran. MORE FROM FORBES New Gmail Attack Bypasses Passwords And 2FA To Read All Email By Davey Winder Furthermore, in order for HYPERSCRAPE to be executed, the attackers need to have already acquired the victim’s user credentials.

This, again, reduces the chances that everyday users will be affected. If an attacker has your user credentials, then it’s pretty much game over anyway. In the case of HYPERSCRAPE, the attackers don’t want the victims to know their credentials have been compromised and their Gmail accounts accessed.

Charming Kitten is an advanced persistent threat group, and by covering its tracks by resetting mailboxes back to their original state and removing any security warnings from Google, it hopes to be able to repeat the email hacking at leisure. Bash said that the news of this discovery was being made public so as to “raise awareness on bad actors like Charming Kitten within the security community,” as well as for the high-risk individuals and organizations that could be targeted by the threat group. Mitigating HYPERSCRAPE and other Gmail attack threats If you fall into such a category, then Google encourages you to join the Advanced Protection Program (APP) as well as make use of Google Account Level Enhanced Safe Browsing.

If you don’t, then you should continue to be security-minded despite being at low risk of falling victim to HYPERSCRAPE. That is the extreme end of the threat spectrum, but using weak passwords and not implementing two-factor verification on your Google account leaves you in the crosshairs of everyday cybercriminals. Gaining control of your Gmail account is like getting the keys to the hacking kingdom.

Password reset links coming to your email, details of bank accounts, and personal data all add up to a huge security mess that can be avoided by ensuring a better basic security posture. Follow me on Twitter or LinkedIn . Check out my website or some of my other work here .

Davey Winder Editorial Standards Print Reprints & Permissions.


From: forbes
URL: https://www.forbes.com/sites/daveywinder/2022/08/23/gmail-hacked-google-says-new-attack-can-read-all-email-messages/

Exit mobile version