Dangerous browser extension reads emails

There is a new attack from hackers. Security researchers at Volexity have discovered a dangerous extension in Chrome browsers like Google Chrome and Microsoft Edge. here a plugin detects emails from Gmail and AOL outside. According to the Hacker News report, the Kimusky hacker group, which is supported by the North Korean regime, is behind the Sharpext browser extension.

The attack occurs on already infected PCs

According to security researchers, the manipulated plugin is used to steal data. Attackers use the extension specifically on PCs they have already gained access to and install the fake plugin in the browser’s developer mode. This replaces the “Preferences” and “Secure Preferences” files. It uses a custom VBS script to gain access to AOL and Gmail accounts while running the infected browser extension in the background.

During the attack, the malicious extension waits for the victim to log in to the email account, so that security software there is no alert on suspicious activity. As a result, North Korean hackers can read the emails unmolested and use the account to deliver malware. According to Volexity, the attack has already been carried out successfully on several occasions.

Also worth reading: Automotive: Hackers want to unlock BMW & Co seat heating

Collection about dangerous browser extensions for Google Chrome:

• In Google Chrome and Microsoft Edge there is a new hacker attack using the Sharpext plugin.
• According to security researchers, the rigged plugin is used to steal data by reading emails. The Kimusky hacker group, which is supported by the North Korean regime, is said to be behind the attack.
• During the attack, the malicious extension waits for the victim to log into their Gmail or AOL email account.

Font: hacker news