Hackers can download all your emails with this tool

0 78

Subscribe to the newsletter the daily to receive our latest news once a day.
You will also be interested

[EN VIDÉO] Kézako: how is data encrypted on the Internet?
Cryptography is the oldest form of encryption. There are traces of its use until 2,000 BC. This technique still used today, especially on the Web, reveals its mysteries on video thanks to the Kézako program from Unisciel and the University of Lille 1.

After China, Russia or Israel, we will have to be wary of the Iranian state. This is announced by Google, which has discovered that hackers, backed by Iranhad created a malware capable of siphoning Internet users’ emails. In his latest report, Threat Analysis Group (TAG), Google thus explains that it got its hands on this tool to determine its dangerousness, and it is able to recover emails from Gmail, Yahoo and Outlook.

Her name ? hyperscrape. Utility of data extraction, it would have been designed in 2020 by the Charming Kitten collective, supported by the Iranian government. His targets? Highly placed personalities. ” We saw it deployed against two dozen accounts located in Iranwrites Google in its report. The oldest known sample is from 2020 and the tool is still under active development. We have taken steps to secure these accounts again and have informed victims through our warnings about these government-backed hackers. “.

The hacker utility simply allows you to choose which type of account to hack.  ©Google

Google protection trapped

The most worrying thing is that hackers do not need to install malware on the targeted PC. In fact, they just need their accounts credentials or a cookie pulled from the victim’s browser. First, the tool will create a Download folder on the Hard disk to store all emails there.

Then the tool traps Google’s protection by posing as an outdated browser. This forces the display to HTML basic in gmail. Once logged in, the tool changes the account’s language settings to English and scans the contents of the mailbox, individually downloading messages as .eml files.

The victim does not notice anything

After the program finishes downloading the inbox, it resets the language to its original settings and deletes all emails Google security. It puts the emails in “unread” if necessary. As a result, the victim did not even realize that his correspondence had been siphoned off since he received no warning of access to his account, as is the case when one connects from a other computer or one mobile.

The good news, or rather the lesser evil, is that the latest version of the malware is no longer compatible with Google Take Out. This function allows anyone with a Google account to create an archive with all their emails, photos, videos, calendar… Initially, Hyperscrape was able to retrieve cookies and the account name , necessary to accomplish archiving.

LAST DAYS to take advantage of our summer offer.
Subscribe to our media for a period of 3 months and receive the Mag Futura as a gift!*

I take advantage of the offer now
Go to our Patreon account to take advantage of the offer
*Offer valid for any new 3-month subscription to the “I participate in the life of Futura” offer on Patreon.

Subscribe to the newsletter the daily : our latest news of the day. All our newsletters


Thank you for your registration.
Glad to have you among our readers!

Leave A Reply

Your email address will not be published.