
Title: Unveiling the Hidden Threat in Gmail and Outlook Message Boxes

Title: Catching Email Phishing Attacks Before They Strike: A Comprehensive Guide


January 19, 2025 Update: This previously published story now offers precautions to protect against the sneaky email hacking technique employed by VIP Keylogger and 0bj3ctivityStealer threat campaigns.

Cybercriminals have their sights set on your confidential data, whether through relentless attacks on Microsoft and Google accounts or by bypassing two-factor authentication. The initial point of attack is, more often than not, your email, in click-bait threats and phish-free attacks alike. Now, security analysts have issued an alert about VIP Keylogger and 0bj3ctivityStealer malware, which, remarkably, hide within your email messages. With Gmail and Outlook being the most popular email services, users are urged to maintain heightened vigilance against these hidden threats. Let's delve deeper into the topic.

The Art of Deception: How Hackers Conceal in Your Inbox

Phishing schemes keep evolving, but they still rely on the same method: inducing users to click on links or run attached files. Recently, however, the HP Wolf security research report highlighted an alarming new trend: malicious code delivered through seemingly harmless images, and by not just one threat but two.

Security experts have uncovered the VIP Keylogger and 0bj3ctivityStealer hacking campaigns using the same deceptive strategy: embedding malicious code within images. VIP Keylogger, capable of capturing keystrokes and stealing credentials from various sources including applications and clipboard data, has been delivered in bogus invoice and purchase order emails. Likewise, 0bj3ctivityStealer, an information stealer that targets user account credentials and credit card details, has been delivered through archive files disguised as requests for quotations.

As the researchers noted, "by hiding malicious code in images and hosting them on legitimate websites, attackers were more likely to bypass network security that relies on reputation checks."

James Coker of Infosecurity Magazine commented, "This demonstrates that threat actors are repurposing and combining attack components to make their campaigns more efficient."

According to the HP Wolf researchers, these large malware campaigns delivered the VIP Keylogger threat via emails disguised as invoices and purchase orders. These deceptive messages led to multiple malicious images, one of which had been viewed over 29,000 times. The 0bj3ctivityStealer threat, on the other hand, used archive files nominally related to requests for quotations. Opening these attachments triggered the download of an image containing the malicious code from a remote server.
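Because the image in this chain comes from a reputable host, a defender has to inspect what the file contains rather than where it came from. The following is an added example, not code from the HP Wolf report or the original article: it walks a PNG's chunks and flags anything stored after the IEND chunk. The page does not say how these campaigns embedded their code, so the appended-data layout and the base64/PE heuristics are assumptions chosen for illustration, and both sample files are constructed.

```python
import base64
import re
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
B64_RUN = re.compile(rb"[A-Za-z0-9+/]{64,}={0,2}")  # long base64-looking run

def png_end(data: bytes):
    """Return the offset just past the IEND chunk, or None if not a complete PNG."""
    if not data.startswith(PNG_SIG):
        return None
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 12 + length              # 4 length + 4 type + data + 4 CRC
        if ctype == b"IEND":
            return pos if pos <= len(data) else None
    return None                         # truncated file or bogus chunk length

def inspect_image(data: bytes) -> list:
    """List reasons this PNG should not be treated as a plain image."""
    end = png_end(data)
    if end is None:
        return ["not a well-formed PNG"]
    # Assumption for this example: hidden content is appended after IEND.
    trailing = data[end:]
    findings = []
    if trailing:
        findings.append(f"{len(trailing)} bytes after IEND")
    if trailing.startswith(b"MZ"):
        findings.append("trailing data starts with a PE header")
    run = B64_RUN.search(trailing)
    if run:
        findings.append("long base64 run in trailing data")
        if run.group().startswith(b"TVqQ"):   # base64 of b"MZ\x90"
            findings.append("base64 run decodes to a PE header")
    return findings

def _chunk(ctype: bytes, body: bytes) -> bytes:
    """Build one PNG chunk (helper for the constructed samples only)."""
    crc = struct.pack(">I", zlib.crc32(ctype + body))
    return struct.pack(">I", len(body)) + ctype + body + crc

# Constructed samples: a 1x1 PNG, and the same file with an inert fake "PE" blob appended.
CLEAN_PNG = (PNG_SIG + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
             + _chunk(b"IDAT", zlib.compress(b"\x00\x00")) + _chunk(b"IEND", b""))
STUFFED_PNG = CLEAN_PNG + base64.b64encode(b"MZ\x90\x00" + b"\x00" * 96)

if __name__ == "__main__":
    print(inspect_image(CLEAN_PNG), inspect_image(STUFFED_PNG))
```

A clean result only rules out this one layout; content hidden inside pixel data or metadata chunks needs a different check.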

Guarding Against the Perils in Your Inbox

Google has persistently strived to safeguard its massive user base from diverse cyberattacks, including those related to phishing and malware. In 2024, Gmail's senior director of product management, Andy Wen, mentioned, "we developed advanced AI models that significantly strengthened Gmail cyberdefenses. These models allow us to block 20% more spam than previous protections by accurately identifying malicious patterns." Moreover, an additional AI model serves as a supervisor for existing security defenses, swiftly evaluating possible threats and implementing appropriate precautions when required.

In contrast, Microsoft boasts that all Outlook.com users benefit from spam and malware filtration. For Microsoft 365 Family and Personal subscription holders, Outlook.com performs additional screening of email attachments and links, providing premium security features as standard for eligible email accounts, such as @outlook.com, @hotmail.com, @live.com, and @msn.com.

How to Avert Potential Risks

  1. Shun Mysterious Attachments and Images: Do not open attachments or images from unknown sources. Exercise caution with emails requesting sensitive information or bearing unexpected attachments.
  2. Adopt Security Applications: Install reliable security apps like Avast, AVG, Norton360, Sophos (Android), F-Secure Mobile Security, or ZoneAlarm (iOS). These tools can detect malware and phishing attempts.
  3. Implement Multi-Factor Authentication (MFA): Activate MFA for an extra layer of security. This feature impedes attackers' access to accounts even in the event of credential theft.
  4. Regularly Update Security Software and Operating Systems: Regular updates often include patches for newly discovered vulnerabilities, which cybercriminals might target.
  5. Leverage Sophisticated Email Filters and Monitoring Tools: Use email filters and monitoring tools to spot irregularities in email traffic patterns. These systems help identify and block suspicious emails before they reach your inbox.
  6. Verify Emails Prior to Opening Attachments: Verify the authenticity of emails by contacting the sender independently. Be wary of emails containing urgent or intimidating messages, as these are favored strategies of attackers.
  7. Examine URLs Using Malware Scanners or Link Verification Tools: Inspect URLs using malware scanners or link verification tools before clicking on them. This practice prevents the execution of malicious code embedded within links.

After the alarming discovery of VIP Keylogger and 0bj3ctivityStealer malware hiding within email messages, users of popular email services like Outlook and Gmail should maintain heightened vigilance. The technique delivers malicious code through seemingly harmless images, in click-bait threats and phish-free attacks alike. These hacking campaigns embed malicious code within images or archive files and pose as bogus invoice or purchase order emails.

To combat this email cyberattack, users can start by avoiding mysterious attachments and images from unknown sources. Reliable security applications like Avast, AVG, Norton360, and others can detect malware and phishing attempts, providing an extra layer of protection. Activating Multi-Factor Authentication (MFA) for email accounts can also impede attackers' access even in the event of credential theft.

Concerning email services, Gmail uses advanced AI models to significantly strengthen its cyberdefenses, blocking 20% more spam than previous protections. Meanwhile, Outlook.com with Microsoft 365 Family and Personal subscriptions performs additional screening of email attachments and links, providing premium security features for eligible email accounts.

In addition to these measures, users can utilize sophisticated email filters and monitoring tools to spot irregularities in email traffic patterns, verify email authenticity before opening attachments, inspect URLs using malware scanners, and regularly update security software and operating systems to protect against newly discovered vulnerabilities.
