Volexity researchers have discovered a new one North Korean malware used to spy on the contents of the boxes gmail. Is called sharpext and is installed by the victim as an extension for Chrome and Edge.
Cybersecurity experts have pointed out that this is a rather clever trick: technically, the hackers of the North Korea do not directly compromise the Gmail account, just read emails and attachments using a third-party tool, abrowser extension precisely. In this way, Gmail cannot identify the threat and hackers completely bypass all security measures such as two-factor authentication.
According to the researchers, hackers have been using this trick successfully for more than a year. Until now, no one had noticed.
This scheme designed to spy on hundreds of thousands of emails every day is the work of the team sharp tongue, a hacker group formally affiliated with the Kim Jong-Un dictatorship. No surprise: North Korea has always funded itself through crime, and its legions of state hackers have been one of the most formidable cyber threats in the world for several years now.
According to the Volexity researchers, the malware designed by the North Koreans would currently work exclusively with Windows. We have no news of a Linux or MacOS version.
Sharpex has been successfully used to attack several American, European and South Korean organizations.
Source: Lega Nerd
