Hackers can read your email without you even knowing it, here’s how – Times of India

threat analysis group (tag) on Google A new tool named hyperspace being used by an Iranian government-backed group cute kitten which can be used for infiltration Gmail, YahooAnd Outlook inbox.
According to the report, HYPERSPACE was first developed in 2020 and has been used to gain access to less than two dozen accounts in 2021. The report said that these accounts were based in Iran as per Google’s knowledge. No word on whether the tool has been used to log into other accounts outside Iran.
Google’s TAG team says they were able to obtain a version of the tool and analyze it to know its technical sophistication. And according to the team that tool is still under active development.
How hyperspace works
Google says the tool runs on the attacker’s machine, which is then used to infiltrate users’ email accounts, but requires pre-acquired credentials or a cookie session.
Therefore, this process does not require users to deceive them from downloading any malware. However, they require credentials or a cookie session to launch the attack. But this tool is very different from the social-starring attacks we’ve seen in the past.
Once the attacker logs into the email account, the tool trickes the browser into believing that the client is being accessed through an older version, thus turning on a basic HTML view, and then The tool changes the language to English.
Soon the tool opens the emails one by one and downloads them in .eml format, and marks the emails as unread. The tool also removes the alert email and changes the language back to the default when done.
This tool is written in .NET for Windows PC. The TAG team tested it on Gmail in a controlled environment. So, the functionality may be different for Outlook and Yahoo. Google says it has notified all victims via a government-backed attacker alert.

Follow us on Social Media

FacebookTwitterinstagramKu APPyoutube