Hackers found a way to access Gmail, Outlook, and Yahoo inboxes

Iranian state-sponsored hackers have discovered ways to infiltrate the Gmail, Yahoo, and Outlook inboxes of at least two dozen high-profile users and download their content, according to a report from the Google Threat Analysis Group (TAG).

The government-backed group known as Charming Kitten originally developed a hacking tool called Hyperscape in 2020 and has used it to orchestrate the recent cyberattacks. TAG was able to get a hold of a version of this tool for analysis, TechRadar reported.

NurPhoto/Getty Images

Google explained that the attack works in a stealth fashion where there is no typical hacking ritual, such as tricking a user into downloading malware. Instead, hackers control the tool from their end, taking advantage of vulnerabilities, such as compromised account credentials or stolen session cookies, in order to access an account.

While this particular cyberattack may have been politically motivated, Google is clearly interested in how these vulnerabilities might be used by others in the future.

A recent report from Sophos details how cookie stealing is among the latest trends in cybercrime. Hackers use the method to bypass security measures such as multifactor authentication and access private databases.

In this case, once logged into the email account, hackers use the tool to trick the email service into thinking a browser is outdated, which then switches it to a basic HTML view. Then it changes the inbox language to English and opens emails individually to begin downloading them in a .eml format. The hackers then mark any opened emails as unread and delete any warning emails, set the inbox back to its original language, and exit.

Despite its seemingly smooth execution, Google has learned a lot about the cyberattacks and has notified all of the known accounts that were affected through its Government Backed Attacker Warnings. TAG has deciphered that the tool was written in .NET for Windows PCs and noted attacks might work differently in Yahoo and Outlook inboxes. At this time, the security group has only tested the tool in Gmail.

Related posts

Latest posts

TSMC in dilemma as US pushes ‘Made in USA’ strategy with Intel

The U.S. government has given the Taiwanese semiconductor manufacturer TSMC three proposals to keep producing with the country, which brought up several challenges.

I’ve found a perfect use for the Galaxy Ring, but I can’t recommend it

The Samsung Galaxy Ring was a miss for me — but I've still managed to find the perfect use for it. Only, I can't recommend it to anyone. Here's why.

Why I’m sad this delightful iPhone camera is about to go away

It looks certain Apple will take the 12-megapixel away from its cheapest iPhone very soon. Let me explain why I'm sad about it.

Moto G Power 2025 review: A solid $300 phone

What makes the Moto G Power 2025 a great phone despite being just $300? Find out in our review.

7 years of updates aren’t what you think they are and Samsung just proved it

The Galaxy S24 will miss out on features the hardware can't support.

Powerbeats Pro 2 vs. Powerbeats Pro: A killer upgrade for runners and gym nuts alike

Apple took almost six years to upgrade the Powerbeats Pro, so are the Powerbeats Pro 2 worth the wait? You

How to download TikTok videos on Android

If you find a favorite TikTok video you want to keep or download to watch offline, it's easy to do

Garmin Instinct 3 vs. 2X vs. 2: Every key upgrade

The Garmin Instinct 3 vs. 2 has major differences in battery life, accuracy, smarts, display quality, and memory, but the

Top Stories: ‘Apple Launch’ Next Week, Powerbeats Pro 2 Debut, and More

Apple is in the middle of trickling out a variety of announcements including Powerbeats Pro 2 and an Apple TV+

10+ Announcements Apple Could Have Rolled Into a February Event

Apple appears to have enough upcoming product announcements to justify a full event this month, yet all signs indicate these