North Korean cybercrime groups are using malicious Chrome extensions to steal Gmail emails, according to a report published by Bleeping Computer. Let’s take a closer look at how they do this, and what steps you can take now to protect yourself.
Using the name Kimsuky, the group uses spear phishing for cyber espionage in attacks targeting people with high-profile jobs such as diplomats, journalists, government agencies, politicians, and university professors. It is known that According to the Director of National Intelligence, “Spear phishing is a type of phishing campaign that targets a specific individual or group, often with a known interest to the target, such as current events or financial documents. Contains information.”
The attack begins with a phishing email urging potential victims to install a Chrome extension known as AF, which can also be installed on Microsoft Edge, Brave, and other Chromium-based browsers. As soon as AF is installed, it starts stealing email content from Gmail accounts.
Beware of new MACSTEALER malware that can steal ICLOUD keychain data and passwords
Once the Gmail account is hijacked by AF, Kimsuky uses Google Play’s web-to-phone sync feature to install an app from the computer to the smartphone and infect the victim’s phone with Android malware. This allows hackers to not only drop, create, delete or steal files, but also retrieve contacts, call, text her, turn on cameras, and more. .
In addition to this AF malware, Kimsuky has marketed various Android malware including other programs called FastViewer, Fastfire and Fastspy DEX, so be careful. These programs are disguised as security and document viewing plugins.
How can I prevent this from happening to me?
1) The first thing to remember is Never click on suspicious emailsIf you accidentally open a phishing email, Do not click on links embedded within emails.
2) you should too Never download extensions sent by email. If you want to download a new extension, click Chrome’s[その他のツール]You have to search in section.
3) Most importantly, always have Antivirus software installed on all devicesAntivirus software prevents you from accidentally clicking malicious links and removes malware from your device.
See my expert reviews best antivirus protection For Windows, Mac, Android and iOS devices Visit CyberGuy.com/LockUpYourTech
Free Antivirus: Should You Use It?
4) Always Double check that no suspicious apps have been downloaded to your phoneremove them immediately if you find them, then let your antivirus software scan your phone to make sure the malware is removed.
5) Finally, make sure Download apps only from Google Play StoreOne that has been reviewed and given a good rating.
Have you been receiving suspicious phishing emails recently? Contact us at Cyberguy.com/contact.
CLICK HERE TO GET THE FOX NEWS APP
For more of my tips, subscribe to my free CyberGuy Reports newsletter. CyberGuy.com/Newsletter.
Copyright 2023 CyberGuy.com. All rights reserved.