Cyber Blog

A hacking group known as ToddyCat has created new tools designed to steal information from businesses by targeting their computers and email systems. Instead of trying to break into email accounts from the outside, the group focuses on compromising the devices where messages and data are stored. Once they gain access, they can quietly collect emails, browser information, and even access tokens that allow them to log in to accounts without needing passwords.

One of their tools can pull email files directly from a computer, even while an email program is open or locked. This means the hackers don’t need to bypass login pages or crack passwords; they simply take the stored email data straight from the device. Another tool ToddyCat uses is designed to steal information from web browsers. This includes saved passwords, cookies, and browsing history, which can give the attackers access to many different online accounts and services.

For companies that use cloud-based email platforms, the group may also steal special login “tokens” that let users access their email without having to re-enter their password. If hackers obtain these tokens from a compromised device, they can log in from anywhere as if they were the real user.

ToddyCat has mainly targeted organizations in Europe and Asia, especially those with valuable or sensitive data. While large organizations are the primary targets, any business using similar technology could be at risk. These attacks show that security isn’t just about having strong passwords—protecting the devices themselves is just as important.

To stay protected, companies should use strong security tools on their computers, keep software updated, limit which devices can access important systems, and avoid storing passwords in browsers. As hacking tools continue to evolve, businesses need multiple layers of security to prevent attackers from gaining a foothold.