Hackers are now using malicious Gmail, Microsoft Edge extensions to spy on your emails. Here is all you need to know.
Almost everyone has a Gmail account. A Gmail account is not only used for official purposes, but also for private ones. In effect, Gmail has almost all of your private and professional details stored on it through your smartphone or laptop. Therefore, it is very important to keep your Gmail account safe, especially when hackers are coming up with new ways to spy on emails. According to a report by IANS, a group of hackers from North Korea is using a malicious Google Chrome or Chromium-based Microsoft Edge extension to spy on user email accounts.
According to cybersecurity firm Volexity, quoted by IANS, the malicious extension by the hacker group titled ‘SharpTongue’ is capable of stealing email content from Gmail and AOL. “This actor is believed to be North Korean in origin and is often publicly referred to under the name Kimsuky. The definition of which threat activity comprises Kimsuky is a matter of debate among threat intelligence analysts,” cybersecurity researchers said in a statement.
People who are being targeted by SharpTongue include individuals working for organisations in the United States (US), Europe and South Korea who work on topics involving North Korea, nuclear issues, weapons systems, and other matters of strategic interest to North Korea.
The report by IANS further informed that within the last year, Volexity has responded to multiple incidents involving SharpTongue and, in most cases, has discovered a malicious Google Chrome or Microsoft Edge extension dubbed as ‘SHARPEXT’.
“Since its discovery, the extension has evolved and is currently at version 3.0, based on the internal versioning system. It supports three web browsers and theft of mail from both Gmail and AOL webmail,” the researchers informed.
What is the matter of concern is that it is very difficult and challenging to detect that your email is being spied on. “By stealing email data in the context of a user’s already-logged-in session, the attack is hidden from the email provider, making detection very challenging,” IANS reported.