New Delhi: A group of North Korean hackers are using a malicious Google Chrome or Chromium-based Microsoft Edge extension to spy or user email accounts. According to cyber security firm Volexity, a malicious extension called ‘SharpTong’ by the hacker group has been able to steal email content from Gmail and AOL. Cybersecurity researchers said in a statement, “This actor is believed to be North Korean in origin and is often referred to publicly by the name Kimsuki. The definition of threat activity in Kimsuki is a matter of debate among threat intelligence analysts.” Is.”
SharpTongu is targeting and victimizing individuals working for organizations in the United States, Europe, and South Korea that work on topics related to North Korea, nuclear issues, weapons systems, and other matters of strategic interest to North Korea. (Also Read: Gold Rate Today, July 31: Gold Rate Unchanged, Check Yellow Metal Rates in Delhi, Patna, Lucknow, Kolkata, Kanpur, Kerala and Other Cities)
Within the past year, Volexity has responded to several incidents involving SharpTongue and, in most cases, a malicious Google Chrome or Microsoft Edge extension dubbed ‘SHARPEXT’. (Also Read: PPF Scheme: Invest Rs 417 Every Day To Become A Crorepati, Do It Like This)
“Since its discovery, the extension has evolved and is currently at version 3.0 based on an internal versioning system. It supports piracy of mail from three web browsers and both Gmail and AOL webmail,” the researchers reported.
By stealing email data in the context of a user’s already logged-in session, the attack is hidden from the email provider, making detection very challenging.
Similarly, the way the extension works means that suspicious activity won’t be logged in a user’s email “Account Activity” status page, should they review it, the cybersecurity firm noted.