News North Korean hackers deploy malicious browser extension against DPRK watchersKimsuky-linked attacks target email data rather than login credentials, making them harder to detect, expert says North Korean hackers have deployed new malware that uses a browser extension to hack emails and steal personal information from DPRK watchers, according to a new report, the latest advancement in an ongoing espionage campaign against academics, journalists and government officials. The security firm Volexity says the campaign backed by North Korean hacking syndicate Kimsuky utilizes a malicious extension dubbed SHARPEXT. The malware deviates from past Kimsuky browser attacks by directly exporting email data to an attacker-controlled server, rather than simply stealing the victims’ login credentials. While infected browser extensions are nothing new, Volexity’s © Korea Risk Group. All rights reserved. |