North Korean hackers deploy malicious browser extension against DPRK watchers



News North Korean hackers deploy malicious browser extension against DPRK watchers Kimsuky-linked attacks target email data rather than login credentials, making them harder to detect, expert says Ethan Jewell July 29, 2022 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON Applications on an Apple iPhone \| Image: Torsten Dettlaff via Pexels North Korean hackers have deployed new malware that uses a browser extension to hack emails and steal personal information from DPRK watchers, according to a new report, the latest advancement in an ongoing espionage campaign against academics, journalists and government officials. The security firm Volexity says the campaign backed by North Korean hacking syndicate Kimsuky utilizes a malicious extension dubbed SHARPEXT. The malware deviates from past Kimsuky browser attacks by directly exporting email data to an attacker-controlled server, rather than simply stealing the victims’ login credentials. While infected browser extensions are nothing new, Volexity’s Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01How long-range strikes on Russia could impact North Korean troop deployments 02How North Korean hackers and IT workers collude to cause chaos 03What pro-Trump think tanks reveal about his likely North Korea policy priorities 04Yoon bet on US to deter North Korea. Now he faces an alliance skeptic in Trump. 05All the question marks hanging over Trump’s approach to North Korea in term two 06Time almost up for North Korea’s plan to launch 3 military satellites in 2024 07Trump return rekindles prospects of North Korea talks, but Russia stands in way 08How China could benefit from North Korea’s troop deployment to Ukraine

News

North Korean hackers deploy malicious browser extension against DPRK watchers

Kimsuky-linked attacks target email data rather than login credentials, making them harder to detect, expert says

Ethan Jewell July 29, 2022

North Korean hackers deploy malicious browser extension against DPRK watchers

Applications on an Apple iPhone | Image: Torsten Dettlaff via Pexels

North Korean hackers have deployed new malware that uses a browser extension to hack emails and steal personal information from DPRK watchers, according to a new report, the latest advancement in an ongoing espionage campaign against academics, journalists and government officials.

The security firm Volexity says the campaign backed by North Korean hacking syndicate Kimsuky utilizes a malicious extension dubbed SHARPEXT. The malware deviates from past Kimsuky browser attacks by directly exporting email data to an attacker-controlled server, rather than simply stealing the victims’ login credentials.

While infected browser extensions are nothing new, Volexity’s

01How long-range strikes on Russia could impact North Korean troop deployments
02How North Korean hackers and IT workers collude to cause chaos
03What pro-Trump think tanks reveal about his likely North Korea policy priorities
04Yoon bet on US to deter North Korea. Now he faces an alliance skeptic in Trump.
05All the question marks hanging over Trump’s approach to North Korea in term two
06Time almost up for North Korea’s plan to launch 3 military satellites in 2024
07Trump return rekindles prospects of North Korea talks, but Russia stands in way
08How China could benefit from North Korea’s troop deployment to Ukraine

North Korean hackers deploy malicious browser extension against DPRK watchers

LATEST ANALYSIS

Similar Articles

About the Author

Ethan Jewell