Cybersecurity firm Volexity reported that a group of hackers from North Korea are using a malicious Google Chrome and Microsoft Edge extension to spy on email accounts. The malicious extension titled ‘SharpTongue’ is capable of stealing email content from Gmail and AOL.
The firm claims that SharpTongue is targeting and victimizing individuals working for organizations in the United States, Europe and South Korea who work on topics involving North Korea, nuclear issues, weapons systems, and other matters of strategic interest to North Korea.
Within the last year, Volexity has responded to multiple incidents involving SharpTongue and, in most cases, has discovered a malicious Google Chrome or Microsoft Edge extension Volexity calls “SHARPEXT”.
The cybersecurity firm claims that the malware found directly inspects and exfiltrated data from a victim’s webmail account as they browse it. Since its discovery, the extension has evolved and is currently at version 3.0, based on the internal versioning system. It supports three web browsers and theft of mail from both Gmail and AOL webmail.
FacebookTwitterInstagramKOO APPYOUTUBE
