Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11ROPEMAKER allows an attacker to change email after sending
ROPEMAKER - short for Remotely Originated Post-Delivery Email Manipulation Attacks Keeping Email Risky (translated as dangerous email after being sent) - revolves around the idea that an attacker sends email in HTML format for the victim, but instead of using embedded or inline CSS, it uses the CSS file from the attacker's server.
The purpose of this is to write and send an original email, then the attacker will edit it by changing the content of the CSS file on the server.
ROPEMAKER turns email security products into 'idiots'
The original email will go through email scanning tools installed on the victim's computer but the changes in the email content will not be detected when they occur. This is because the email security system does not re-scan once it has been sent to the recipient's inbox but only the messages that are coming before the time of receipt.
Two types of ROPEMAKER attacks
Francisco Ribeiro, a Mimecast security researcher and discoverer of this type of attack, said he discovered two forms of attack.
The first way is called ROPEMAKER Switch Exploit and based on the attacker turning the 'display' function of many elements on CSS.
For example, he sends an email with 2 links, 1 clean 1 dirty and only displays clean email. After receiving the email, he will edit the CSS file remotely and turn on the dirty link, hiding the link clean.
Change the function displayed on the email
The second way is called ROPEMAKER Matrix Exploit based on embedding the matrix of all ASCII characters for each letter in the email.
By the CSS display rules, an attacker can let each word appear and recreate the text he wants in the email anytime.
Use matrix for characters in email
E-mail scanning tools can't recognize these two types of attacks, but using matrices will create lots of cumbersome email because you have to embed the text matrix - numbers for each character, email security tools can be found.
Ribeiro said that the Mimecast has not detected any attacks using ROPEMAKER technology, but because of this vulnerability, email security tools cannot be recognized, so it does not exclude the case that it has already happened.
ROPEMAKER is not too scary
Although it sounds scary, in reality users don't have to worry much. Most email clients have a habit of extracting tags above (header tags) with HTML-formatted emails, including remote CSS file calling cards.
That is why most HTML email writing guidelines encourage web developers to only use inline CSS and avoid embedded CSS or remote CSS.
Mimecast tested ROPEMAKER with many email clients and said that the browser email interface is not affected when attacked by ROPEMAKER. Not surprisingly, these interfaces pull the tag header as carefully, avoiding interference with the normal header of the page.
In addition, a Reddit user also points out that 'this type of attack is very easy to filter' because the system administrator only needs to block the CSS source from when the email client requests it.
Marvin FryYou should read it
- What is email encryption? Why does it play an important role in email security?
- How to handle when email automatically sends bulk spam
- Warning: The number of malicious emails is increasing rapidly on Gmail and recommendations from Google
- Send Email using PHP
- Discover 2 new vulnerabilities on 2 popular email protocols
- Beware of the 7 most common types of spam
- The only secure email is the text-only email
- How to retrieve the true source of email
May be interested
- How to remove PlusNetwork browser attacker. com
plusnetwork.com browser attacker is integrated via messenger plus toolbar! community. once installed, it will change the homepage and set the default search engine to www. plusnetwork. com. - How to send email from Excel spreadsheet with VBA scriptsending emails from microsoft excel requires only a few simple scripts. add this function to a spreadsheet and you can really make the most of all features in excel.
- Fix common problems when email is not sentwhen encountering email errors when sending, you should carefully read the details of the error messages included in the email to find solutions. the following article will help you fix some of the most common errors.
- How to change another email on Facebookto hide the previous facebook registration email address, we can add a new email address to facebook and delete the old email address.
- How to change Apple ID from 3rd party email to Apple emailapple has changed apple id from third parties such as yahoo mail, gmail, outlook mail ... to the traditional icloud.com format, without affecting user accounts.
- Two disposable email services help eliminate Spamthere are many reasons why we need to use the one-time email service, which helps you be like a spy sending and receiving messages secretly.
- Instructions for using secret mode when sending email on Gmailnowadays with the development of technology as well as information security, users can use secret mode when sending email on gmail.
- How to send encrypted email on Android using OpenKeychaintoday's article will show you how to encrypt email on android using openkeychain. the best thing is that openkeychain is completely free. using openkeychain for email encryption is quick, easy and effective.
- What is an email address?what is an email address ?. email is an english word that stands for electronic mail, meaning electronic mail. you can write letters by typing on a computer and sending it to the recipient via the internet.
- How to change the default email storage folder in Outlook desktopif you regularly use microsoft outlook, you probably know that when you send an email, outlook sends the original email to the recipient and stores a copy of that email in a folder called sent items.
Tech info
- Google has the ability to diagnose depression
- Can run parallel Google Chrome versions
- The researcher released code that exploits the iOS Kernel vulnerability
- OneDrive for Android updates with Office Lens
- Latest Skype feature will make programmers interested
- Latest updates of Google Docs, Sheets & Slides that you still expect
Google has the ability to diagnose depression
Can run parallel Google Chrome versions
The researcher released code that exploits the iOS Kernel vulnerability
OneDrive for Android updates with Office Lens
Latest Skype feature will make programmers interested
Latest updates of Google Docs, Sheets & Slides that you still expect