State Sponsored Threat
Charming Kitten, a state-sponsored Iranian hacking group is using a new tool to download emails from targeted Yahoo, Microsoft Outlook, and Gmail accounts.
The utility is called Hyperscraper and like many hackers’ operations and tools, it is in no way sophisticated. But its lack of sophistication is balanced by effectiveness, letting the threat actors hack a target’s e-mail inbox without leaving any traces of the intrusion.
Simple but effective email scraper
In a recent technical report, experts from Google’s TAG (Threat Analyst Group), shared information about Hyperscraper’s capabilities and said that it is under active development.
Google TAG links the tool to Charming Kitten, a threat group based in Iran that is also called APT35 and Phosphorus, and said the earliest samples were found from 2020.
The researchers discovered Hyperscraper in December 2021 and analysed it using a Gmail test account. Hyperscraper isn’t a hacking tool but an instrument that lets threat actors steal email data and store it on their devices after getting into the victim’s email account.
How does Hyperscraper work?
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents