North Korean hackers deploy malicious browser extension against DPRK watchers
Kimsuky-linked attacks target email data rather than login credentials, making them harder to detect, expert says
North Korean hackers have deployed new malware that uses a browser extension to hack emails and steal personal information from DPRK watchers, according to a new report, the latest advancement in an ongoing espionage campaign against academics, journalists and government officials.
The security firm Volexity says the campaign backed by North Korean hacking syndicate Kimsuky utilizes a malicious extension dubbed SHARPEXT. The malware deviates from past Kimsuky browser attacks by directly exporting email data to an attacker-controlled server, rather than simply stealing the victims’ login credentials.
While infected browser extensions are nothing new, Volexity’s
- 01Why China isn’t too worried about Kim Jong Un’s trip to cozy up to Russia
- 02State media review: Kim Jong Un ramps up personality cult with new mosaic mural
- 03Why interoperability remains a hurdle for trilateral cooperation on North Korea
- 04North Korea confirms long-time weapons official leading top missile bureau
- 05RECAP: Everything we know about Kim Jong Un’s grand odyssey in Russian Far East
- 06What the North Korean Red Guards’ new toys reveal about military modernization
- 07State media review: North Koreans ‘pine for’ Kim Jong Un as he travels abroad
- 08Bending the rules: How Russia could justify helping North Korea’s space program