Security Alert: myMail Credential and Email Harvesting Application

November 7, 2017

by UNH Information Security Services

Affected Software and Version(s)

  • myMail – Email App
  • Available for iOS and Android devices from the Apple App Store and Google Play Store
  • Published by my.com

Fixed Version(s)

There is no fixed version of this application available. Users are encouraged to uninstall the application from their device immediately.

Vulnerability Summary

The myMail application allows users to sync their mailboxes from multiple accounts (e.g., Gmail, Outlook, Hotmail) into one mailbox hosted on my.com servers. My.com is the publisher of the myMail application. myMail and my.com are the US-based line of products released by mail.ru, a Russian internet giant.

The Terms of Use (TOU) agreement grants the application permission to store a copy of the credentials (username and password) of each mail account the user syncs with myMail. In addition to credentials, the TOU agreement allows my.com to store the entire contents of all mailboxes synced with myMail.

After extensive analysis, UNH IT has confirmed that users who have synced their UNH email account with myMail have subsequently had their UNH accounts compromised numerous times, even after changing their password. Additionally, UNH IT has detected suspicious activity on accounts that use the myMail application, such as successful login attempts from locations around the world.
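The pattern described above, a successful login from an unexpected location that recurs after each password change, can be surfaced from authentication logs. The following is an added example, not UNH IT's own tooling; the event tuple layout, the account names, and the `home_countries` baseline are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events (not real UNH data):
# (ISO timestamp, account, event type, country of source IP)
EVENTS = [
    ("2017-10-01T08:00:00", "alice", "login_success", "US"),
    ("2017-10-02T03:10:00", "alice", "login_success", "BR"),
    ("2017-10-02T09:00:00", "alice", "password_change", "US"),
    ("2017-10-03T04:20:00", "alice", "login_success", "VN"),
    ("2017-10-04T10:00:00", "alice", "password_change", "US"),
    ("2017-10-05T02:45:00", "alice", "login_success", "ID"),
    ("2017-10-01T09:00:00", "bob", "login_success", "US"),
    ("2017-10-03T09:00:00", "bob", "password_change", "US"),
    ("2017-10-04T09:00:00", "bob", "login_success", "US"),
]

def recompromised_accounts(events, home_countries=frozenset({"US"})):
    """Map each account to (password_change_time, login_time, country) for
    successful logins from outside home_countries that follow a password change."""
    last_change = {}
    findings = defaultdict(list)
    # ISO 8601 timestamps sort chronologically as strings.
    for ts, account, event, country in sorted(events):
        when = datetime.fromisoformat(ts)
        if event == "password_change":
            last_change[account] = when
        elif event == "login_success" and country not in home_countries:
            changed = last_change.get(account)
            if changed is not None:  # the new password was already in use elsewhere
                findings[account].append((changed, when, country))
    return dict(findings)

def repeat_offenders(events, min_cycles=2):
    """Accounts where unexpected logins followed at least min_cycles
    distinct password changes, i.e. the new credential leaked again."""
    result = {}
    for account, hits in recompromised_accounts(events).items():
        cycles = {changed for changed, _, _ in hits}
        if len(cycles) >= min_cycles:
            result[account] = len(cycles)
    return result

if __name__ == "__main__":
    for account, cycles in repeat_offenders(EVENTS).items():
        print(f"{account}: unexpected login after {cycles} separate password changes")
```

An account flagged here has had each new password reach a third party, which is consistent with a syncing application that stores the updated credential.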

Recommended Remediation Steps

We recommend that all users who have the myMail application on their device immediately uninstall the application and change their password once the application is removed. We also recommend that users change the password(s) of any other account that was synced with myMail.

UNH IT continuously monitors for suspicious activity on all user accounts. It is likely that your account will be secured without prior notice if suspicious activity associated with myMail usage is detected on your account. We take this action to minimize the likelihood of a security incident and to protect both University and user information.

For assistance uninstalling the application from a mobile device or changing a UNH password, please visit the ATSC in Dimond Library or call the UNH IT Service Desk at 603-862-4242.

 
