The title is bait. This is not an attack vs Gmail or users of Gmail, but a supply chain attack. The attackers just use Gmail, because it’s a trusted mail service, so there’s a higher chance devs don’t notice and they don’t get blocked.
Even Socket used a clickbait headline for their research: socket.dev/…/gmail-for-exfiltration-malicious-npm…
I guess this is “news” because last month, the vulnerability was being sent to the attacker’s endpoints at https://sol-rpc[.]xyz/api/rpc/queue and now it’s being sent via email instead.
In any case, they did get me because I don’t really care about Solana but do care about Gmail, and this affects me 0%.