North Korean hackers deploy malicious browser extension against DPRK watchers
Kimsuky-linked attacks target email data rather than login credentials, making them harder to detect, expert says
North Korean hackers have deployed new malware that uses a browser extension to hack emails and steal personal information from DPRK watchers, according to a new report, the latest advancement in an ongoing espionage campaign against academics, journalists and government officials.
The security firm Volexity says the campaign backed by North Korean hacking syndicate Kimsuky utilizes a malicious extension dubbed SHARPEXT. The malware deviates from past Kimsuky browser attacks by directly exporting email data to an attacker-controlled server, rather than simply stealing the victims’ login credentials.
While infected browser extensions are nothing new, Volexity’s
- 01How sanctions contribute to North Korea’s humanitarian distress
- 02State media review: North Korea calls denuclearization a ‘declaration of war’
- 03Why North Korea and the Philippines view each other with mutual distrust
- 04North Korea’s new silo-based missile raises risk of prompt preemptive strikes
- 05Why normalizing US-North Korea relations is a prerequisite for denuclearization
- 06North Korean planes active at Pyongyang airport hours after runway missile test
- 07North Korea using US-ROK drills as cover to carry out missile tests, experts say
- 08State media review: North Korea says rusty American bombs threaten capital