1/7/2023 0 Comments Gmail google chrome hackIt then enables its email read/download capabilities. SHARPEXT is then manually installed by an attacker-written VBS script.” Paul Rascagneres, Thomas Lancaster – Volexity Threat ResearchĪccording to Volexity’s blog post, once installed on the device, SHARPEXT malware inserts itself within the browser via the Preferences and Secure Preferences files. “Prior to deploying SHARPEXT, the attacker manually exfiltrates files required to install the extension (explained below) from the infected workstation. The malware is distributed through social engineering and spear phishing scams. The victims are lured into opening a document that contains the malware. The malware is currently targeting Windows devices, but Volexity claims it may work on Linux and macOS devices too. This campaign has been active for more than a year, and during this time, it has stolen thousands of files and messages from Gmail and AOL email accounts. In March 2015, the same group was blamed for targeting South Korea’s Kori nuclear plant and leaking sensitive data on Twitter.Īs for SHARPEXT the malware can directly inspect and exfiltrate data from Gmail accounts and impact version 3.0. It is worth noting that in Jun 2021, Kimsuky APT was found targeting the South Korean atomic agency by exploiting VPN flaws. The typical targets of SHARPEXT malware include those working in nuclear weaponry. Its primary targets are users in the USA, South Korea, and Europe, while its origin has been traced to a North Korean hacker group called Kimsuky or SharpTongue, which is associated with the North Korean intelligence agency Reconnaissance General Bureau. SHARPEXT malware infects devices through browser extensions on Google Chrome and Chromium-based platforms, including Korean browser Naver Whale and Microsoft Edge. This nosey malware spies on AOL and Google account holders and can read/download their private emails and attachments. It is identified by cybersecurity firm Volexity. Gmail users should watch out for the newly discovered email reading malware named SHARPEXT. Researchers have warned users of Gmail on Microsoft Edge and Google Chrome browser of a new email spying malware dubbed SHARPEXT.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |