New Email Hacker Threat: HYPERSCRAPE and How It Works

State-sponsored Iranian hacking group Charming Kitten has been using a new tool to steal emails from Gmail, Yahoo, and Microsoft Outlook accounts, according to a new report from Google’s Threat Analysis Group. This tool, dubbed HYPERSCRAPE, is not very sophisticated but is effective, according to Google.

 

 

How HYPERSCRAPE Works

This email-scraping tool allows the attackers to steal a victim’s emails from their inbox without leaving much evidence of the attack. In order for HYPERSCRAPE to work, victims must be logged into their email accounts, otherwise the attackers need their credentials. Once inside, the tool changes the account’s language settings to English, downloads individual emails and then marks them as unread. The tool also deletes security emails from Google triggered by the activity.

 


The Gold Comet Solution to HYPERSCRAPE

With Gold Comet Secure Messaging, HYPERSCRAPE would be ineffective. 

 

In many respects, the user side of email is subject to greater security risk than the email server. Because each and every transmission is processed within the Gold Comet cloud using just your browser, no message ever leaves the cloud to go across the network, and therefore vulnerability to HYPERSCRAPE would never happen.

 

Providing an appropriate level of security for your email requires carefully considering and addressing numerous issues to build a truly protective environment – which is where the Gold Comet cloud surpasses other solutions.

 

Gold Comet solutions rely on a security framework built around principles of protection in depth from the minute you hit send until your recipients reads the email on their devices. We provide not only protection for email transmission, but also for storage and sharing of your files. Gold Comet provides a proven solution that places our products and services at the forefront of the information privacy and secure email arena.

Recent Posts

See All

Online privacy has gained significant publicity over the past several years. From leaks by Edward Snowden, formerly of the NSA, to the exposure of user-ids, passwords, and a plethora of Personally Ide