Cybercriminals use Email Appender
Cybercriminals found a new way to insert messages into their potential victims’ inbox. So, according to research Gemini Advisory, a hacker is advertising a new tool on a dark web forum.
Thus, the attackers do not have to send the malicious emails, but implant them. So, this means, according to the researchers, that the messages can bypass the security systems easier.
In a blog post, the company mentioned that: “The software poses a significant threat as it raises the success rate of malware attacks.”
According to the security experts, it allows cybercriminals start more sophisticated phishing and business email compromise (BEC) campaigns. Moreover, it may open the door for technically simple ransomware-like attacks.
Gemini Advisory explained the way attacks happen using the “Email Appender” new technique.
So, first, attackers do what they have to in order to obtain valid email addresses and their passwords. Usually, they buy them from the dark web, at a very low cost.
Afterwards, the attackers have to upload the credentials that were compromised, into Email Appender. This checks them and then connects to these accounts, using the Internet Message Protocol (IMP).
Email clients use IMP – a standard protocol, in order to recover messages. It is the place where attackers use the feature which allows them add a message in the inbox, without authentication.
Then, cybercriminals amend the important fields, such as the “Sender,” “From” and “Reply-To”. Stanislav Alforov, Gemini Advisory’s director of research, considers this technique as being unique.
Also, according to Alforov, the hacker who advertised Email Appender had also offered other services before. Moreover, he built a “reputation” in dark web forums.
People offered a “positive feedback” for a video he had uploaded on YouTube. This came especially from users who mentioned they tested and used the Email Appender.
The best way to keep our accounts away from the Email Appender, Alforov said, is to enable multi-factor authentication. Thus, it seems that once an account is protected with more than just a password, the malicious software can’t do its job.
Its digital advertising practices continue to bring troubles for Google. Two separate cases will go to court in the UK…
WPP, Delta Airlines, Kellogg and Mindshare take the issue of advertising discrimination seriously, in order to combat bias in digital…
Ad fraud has become a very big issue for both users and the advertising agencies. Different forms of it might…
The Facebook lead architect of the ad-based business model leaves the company. Let's see how her move could affect company's…
A new Meta privacy policy comes soon for the company's platforms. Users would be notified of the updates about how…
As its “customers don't like ads,” Evite, an American online party planner, decided to just close its advertising business, while…