ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API

The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that’s designed to gain surreptitious access to a victim’s email correspondence via the Google API.

“In this campaign, the attackers focused their attention on corporate email communications hosted on Gmail, targeting access compromise via APIs,” Kaspersky said in a detailed report published this week. “

Leave a Reply

Your email address will not be published. Required fields are marked *