North Korean hackers are now bypassing Google's email security safeguards and can read and download emails and attachments while remaining undetected by Google, as reported first by Futurism.
According to a blog post by cybersecurity company Volexity, the attacks are called "SharpTongue". They are allegedly targeting people in the US, Europe, and South Korea with complex attacks that might create startling precedence. They are purportedly utilizing simple browser extensions to collect mail data directly.
Spear Phishing
Futurism said that this is called "spear phishing," which is frequently employed in targeted assault campaigns to access a person's account or pose as that person.
While earlier versions of these assaults needed unknowing users to download malicious browser extensions willingly, the malware used in these attacks can now download itself onto target machines without the victims' knowledge.
What is even more concerning is that these browsers that were made by Microsoft and Google are unable to recognize when malicious users have compromised them.
Volexity reports that the malware has also constantly developed since its discovery and is currently in its third edition.
The firm also said that current SharpTongue attacks exclusively affect Windows users. However, Volexity President Steven Adair issued a warning that there is no reason why users of MacOS or Linux should not be wary.
Upholding North Korea's Interests
Additionally, SharpTongue is reportedly attacking certain individuals to uphold North Korea's interests.
"Volexity frequently observes SharpTongue targeting and victimizing individuals working for organizations in the United States, Europe and South Korea who work on topics involving North Korea, nuclear issues, weapons systems, and other matters of strategic interest to North Korea," the firm wrote in a blog post.
In sum, these attacks may be largely political and could likely affect those with sensitive data about the government of North Korea.
Volexity added, "within the last year, Volexity has responded to multiple incidents involving SharpTongue and, in most cases, has discovered a malicious Google Chrome or Microsoft Edge extension Volexity calls SHARPEXT."
Attacking The Crypto Industry
North Korean hackers have also become common in the crypto industry. They have recently falsified job applications on LinkedIn and Indeed to secure information from crypto trends.
According to cybersecurity firm Mandiant, they have been acquiring a large swath of internal data on Ethereum and NFT protocols.
The U.S. Treasury even claimed that North Korea has been investing in cryptocurrency heists in the past few years, rendering a significant hacking danger responsible for one of the greatest crypto thefts ever reported in March.
The Treasury said about $615 million was stolen from the crypto heist.
Related Article : Axie Infinity's Ronin Crypto Heist: FBI Says North Korean Hackers Were Behind $600 Million Breach
This article is owned by Tech Times
Written by Joaquin Victor Tacla