The title is bait. This us not an attack vs Gmail or users of Gmail, but a supply chain attack. The attackers just use Gmail, because it's a trusted mail service, so there's a higher chance devs don't notice and they don't get blocked.
this post was submitted on 10 Jan 2025
9 points (76.5% liked)
Cybersecurity
7231 readers
47 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 2 years ago
MODERATORS
Even Socket used a clickbait headline for their research: https://socket.dev/blog/gmail-for-exfiltration-malicious-npm-packages-target-solana-private-keys-and-drain-victim-s
I guess this is "news" because last month, the vulnerability was being sent to the attacker's endpoints at https://sol-rpc[.]xyz/api/rpc/queue and now it's being sent via email instead.
In any case, they did get me because I don't really care about Solana but do care about Gmail, and this affects me 0%.