Skip to main content
  1. Home
  2. Computing
  3. News

Hackers found a way to access Gmail, Outlook, and Yahoo inboxes

By
Add as a preferred source on Google

Iranian state-sponsored hackers have discovered ways to infiltrate the Gmail, Yahoo, and Outlook inboxes of at least two dozen high-profile users and download their content, according to a report from the Google Threat Analysis Group (TAG).

The government-backed group known as Charming Kitten originally developed a hacking tool called Hyperscape in 2020 and has used it to orchestrate the recent cyberattacks. TAG was able to get a hold of a version of this tool for analysis, TechRadar reported.

NurPhoto/Getty Images

Google explained that the attack works in a stealth fashion where there is no typical hacking ritual, such as tricking a user into downloading malware. Instead, hackers control the tool from their end, taking advantage of vulnerabilities, such as compromised account credentials or stolen session cookies, in order to access an account.

Recommended Videos

While this particular cyberattack may have been politically motivated, Google is clearly interested in how these vulnerabilities might be used by others in the future.

A recent report from Sophos details how cookie stealing is among the latest trends in cybercrime. Hackers use the method to bypass security measures such as multifactor authentication and access private databases.

In this case, once logged into the email account, hackers use the tool to trick the email service into thinking a browser is outdated, which then switches it to a basic HTML view. Then it changes the inbox language to English and opens emails individually to begin downloading them in a .eml format. The hackers then mark any opened emails as unread and delete any warning emails, set the inbox back to its original language, and exit.

Despite its seemingly smooth execution, Google has learned a lot about the cyberattacks and has notified all of the known accounts that were affected through its Government Backed Attacker Warnings. TAG has deciphered that the tool was written in .NET for Windows PCs and noted attacks might work differently in Yahoo and Outlook inboxes. At this time, the security group has only tested the tool in Gmail.

Fionna Agomuoh
Fionna Agomuoh
Computing Writer
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
Topics
Macbook Neo stress test shows Apple could’ve made it run cooler with a simple fix
This simple mod makes the MacBook Neo faster.
Apple MacBook Neo with users hands on it

Apple's MacBook Neo arrived as a shock to the industry. It is the new cheap MacBook that is designed to be silent, efficient, and affordable. But a new stress test suggests that it could have been noticeably better with a very simple change.

As per a recent test, the addition of a basic copper plate to the cooling setup can improve both thermals and performance by a meaningful margin. And the frustrating part? It isn't some complex engineering overhaul and is relatively straightforward.

Read more
The Mac Pro is dead at Apple, and I’ll miss the cheese-grater powerhouse
RIP Mac Pro. The Mac Studio is taking the throne, and we're okay with that.
Electronics, Computer, Pc

Apple has officially discontinued the Mac Pro. It’s been removed from Apple’s website, and Apple has confirmed to 9to5Mac that there are no plans to release a future version. The buy page now redirects to Apple’s Mac homepage, where the Mac Pro no longer exists.

Why did Apple kill the Mac Pro?

Read more
March Madness, Revisited: The AI Model Did Well. But Mad Things Still Happen
Stills from NCAA games.

(NOTE: This article is part of an ongoing series documenting an experiment with using AI to fill the NCAA brackets and see how it fares against years of human experience. The original article is as follows.)

A week ago, I wrote about entering an NCAA tournament pool with a more disciplined process than I usually use.

Read more