Airmail 3 Exploit Instantly Steals Info from Apple Users
Severe vulnerabilities in the Airmail 3 software – an alternative to Apple Mail for macOS – would allow a remote attacker to steal a user’s past emails and file attachments, in many cases without requiring user interaction beyond simply opening a weaponized message.
Researchers at VerSprite discovered that URL requests processed by Airmail 3 can be abused to steal files from the victim, and that doing so requires little skill. An attacker would simply send an Airmail 3 user an email containing a link with a URL request that triggers the application’s “send mail” function. If the user clicks the link, Airmail 3 opens a new email message and sends it from the victim’s account to the attacker, without the user’s knowledge. Other elements could also be embedded in the attack email that cause Airmail 3 to attach files, such as previously sent emails, to that outgoing message.
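For mail gateways and triage tooling, one way to surface messages of this kind is to flag any link or embedded resource whose URL uses an application scheme rather than a web scheme. The sketch below is an added example, not VerSprite's or Airmail's code; the allowlist, the function names and the `exampleapp` placeholder scheme are assumptions, and the sample message is constructed.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Schemes expected in ordinary mail; anything else is handed to a local app.
ALLOWED_SCHEMES = {"http", "https", "mailto", "cid", "data"}

class UrlCollector(HTMLParser):
    """Collects every href/src value found in an HTML body."""
    def __init__(self):
        super().__init__()
        self.urls = []
    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src") and value:
                self.urls.append((tag, name, value.strip()))

def find_app_scheme_urls(raw_message):
    """Return (tag, attr, url) for URLs whose scheme is not in ALLOWED_SCHEMES."""
    msg = message_from_string(raw_message, policy=default)
    findings = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = UrlCollector()
        collector.feed(part.get_content())
        for tag, attr, url in collector.urls:
            scheme = urlsplit(url).scheme.lower()
            if scheme and scheme not in ALLOWED_SCHEMES:
                findings.append((tag, attr, url))
    return findings

# Constructed sample message; "exampleapp" is a placeholder scheme.
SAMPLE = """\
From: sender@example.org
To: user@example.com
Subject: Quarterly report
Content-Type: text/html; charset="utf-8"

<html><body>
<p><a href="https://example.org/report">View report</a></p>
<p><a href="exampleapp://action?param=value">Open</a></p>
<img src="cid:logo123">
</body></html>
"""

if __name__ == "__main__":
    print(find_app_scheme_urls(SAMPLE))
```

Relative URLs have no scheme and are ignored; a deployment would tune the allowlist to the schemes its users legitimately receive.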