This newly discovered threat allows attackers to bypass the need to compromise Gmail login credentials and two-factor verification to read all emails silently.
The report says that SHARPEXT differs from previous browser extensions deployed by these hacking espionage groups in that it doesn't attempt to grab login credentials but bypasses the need for these and can grab email data as the user reads it.
The takeaway? While any form of additional verification of your login credentials remains a must-have security essential, that doesn't mean you should rest on your laurels if you have 2FA/MFA enabled. The AiTM part of the attack employs a proxy between the victim and the Microsoft servers. The MFA request is relayed by the proxy server to the victim who enters their code but on the attacker’s device, and this is then forwarded on.
. Based on the threat data compiled by Microsoft researchers, at least 10,000 organizations have been targeted by such attacks since September 2021. Microsoft says that the Microsoft 365 Defender product “detects suspicious activities related to AiTM phishing attacks and their follow-on activities.” The activities mentioned include the session cookie thefts and the use of the same to sign into compromised accounts.
Both the U.S. and U.K. geographies are being targeted, along with Australia and New Zealand currently. The industry verticals seem to be mainly confined to fintech, insurance, lending, and energy.There is nothing to alert Google and the user that someone has logged into Gmail from a different browser, machine, or location. Bypassing this protection is crucial as it means the threat actors can remain truly persistent, reading all the received and sent emails as if they were the user themselves.
I reached out to Google to see if it had any further advice, but a spokesperson only said that Google"can confirm the extension code the malware uses is not present in the Chrome Web Store."I also spoke to Ian Thornton-Trump, CISO at threat intelligence specialists Cyjax.
México Últimas Noticias, México Titulares
Similar News:También puedes leer noticias similares a ésta que hemos recopilado de otras fuentes de noticias.
New Gmail Attack Bypasses Passwords & 2FA To Read All EmailThis newly discovered threat allows attackers to bypass the need to compromise Gmail login credentials and two-factor verification to read all emails silently.
Leer más »
Polio virus found in New York wastewater, but no new cases - New York Amsterdam NewsThe polio virus was detected in wastewater samples from the suburban county near New York City where an unvaccinated adult recently contracted the life-threatening disease, but health officials said Tuesday they have not identified any additional cases.
Leer más »
Aerial video captures shark snack attack off New York beachExperts with OCEARCH say these bait fish near the coast could be tied to the recent string of shark sightings in New York and New Jersey this summer
Leer más »
A New Attack Easily Knocked Out a Potential Encryption AlgorithmSIKE was a contender for post-quantum-computing encryption. It took researchers an hour and a single PC to break it.
Leer más »