Beware of this Chrome extension that can siphon off your email accounts…


They reportedly work on behalf of North Korea. These hackers spy on digital activity around the world, notably in Europe and the United States, and they are particularly interested in government agencies. These North Korean hackers reportedly use an extension for Google's browser to hack into Gmail accounts. Caution and vigilance are therefore required.

North Korean hackers target the US and Europe

The United States and Europe are reportedly their main targets. These North Korean hackers have reportedly developed a new modus operandi to spy on computers around the world, especially in the places mentioned above.

You will therefore need to be careful with Chrome extensions, because one of them might be malicious. It is clever, yes, but also malicious. The hackers compromise Gmail accounts by running a phishing campaign.

They manage to install a spying extension in two browsers: Google Chrome and Microsoft Edge. Both browsers are built on Chromium and can support the same extensions.

Malware capable of detecting browser-related processes

This is how it works. A malware payload can spread on a PC that has downloaded and installed the extension. The PC then runs a PowerShell script. By activating DevTools, this PowerShell script makes it possible to execute arbitrary code.

Note that DevTools are typically a set of tools reserved for developers. This malware is able to detect what the target is doing in their web browser: it detects browser-related processes such as tabs and their titles.

As soon as a web page is opened, the malware is able to extract all the information displayed on the page, simply because a keyword appears in the title of the tab. Volexity, the first to spot the software, has revealed what it is after.

According to this security firm, the purpose of this software is to collect login information for Gmail accounts.

These hackers especially target nuclear facilities.

Also, this software reportedly does not need to drill down into a web page. It just needs to add addresses to a blacklist, which avoids wasting time. According to security researchers, this extension has been around for more than a year.

It is aimed in particular at government agencies in South Korea, but also at those of other countries such as the United States or European countries. It even appears that these hackers working on behalf of North Korea are particularly interested in nuclear facilities.

Obviously, this extension cannot be found in the official Chrome store. The hackers reportedly launched the phishing campaign to get the targets to willingly install the software. So no one is safe from this malware.

These are all reasons to be very careful and extremely vigilant. Otherwise, your Gmail account might get hacked, without your knowledge and despite a good password or two-factor authentication being enabled.

This malware would only attack Windows PCs at the moment

This malicious software is capable of exfiltrating a web page, but also of editing the files that contain the system preferences, and attachments too. Furthermore, Volexity explained that this malware only attacks Windows PCs for the time being.

This does not prevent the hackers from being able to reach other operating systems (OS) one day, such as the one used on Macs. For now, the only way to protect yourself from this hack is to use a very good antivirus. Otherwise, avoid installing extensions on these browsers.

In fact, the latter often have security vulnerabilities.
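Because the extension described above is not distributed through the official Chrome store, one defensive check is to list the extensions in a Chromium profile that did not come from the store. The sketch below is an added example, not code from Volexity or from this article; the key names (`from_webstore`, `location`, `manifest`) and the numeric location codes are assumptions about the Chromium profile preferences format, and the sample data is constructed.

```python
import json

# Constructed sample of the "extensions" -> "settings" map from a Chromium
# profile preferences file. IDs, names and paths are made up for this example.
SAMPLE_PREFS = json.dumps({"extensions": {"settings": {
    "a" * 32: {"from_webstore": True, "location": 1,
               "manifest": {"name": "Store Ad Filter", "permissions": ["storage"]}},
    "b" * 32: {"from_webstore": False, "location": 4,
               "path": "C:\\Users\\sample\\AppData\\Roaming\\sample_ext",
               "manifest": {"name": "Mail Helper",
                            "permissions": ["tabs", "debugger", "storage"]}},
    "c" * 32: {"from_webstore": False, "location": 5,
               "manifest": {"name": "Built-in component"}},
    "d" * 32: "corrupt entry",
}}})

# Assumed meaning of Chromium's numeric install-location codes.
LOCATIONS = {1: "internal", 4: "unpacked", 5: "component", 8: "command-line"}
# Assumption: permissions worth a second look (tab titles, DevTools access).
REVIEW_PERMS = {"tabs", "debugger"}

def audit_extensions(prefs_text):
    """List extensions that were not installed from the official store."""
    try:
        prefs = json.loads(prefs_text)
    except json.JSONDecodeError as exc:
        raise ValueError("preferences file is not valid JSON") from exc
    settings = prefs.get("extensions", {}).get("settings", {})
    findings = []
    for ext_id, info in sorted(settings.items()):
        if not isinstance(info, dict):
            continue  # skip malformed entries instead of crashing
        location = info.get("location")
        if location == 5 or info.get("from_webstore") is True:
            continue  # browser components and store installs are expected
        manifest = info.get("manifest") or {}
        perms = {p for p in manifest.get("permissions") or [] if isinstance(p, str)}
        findings.append({
            "id": ext_id,
            "name": manifest.get("name", "<unknown>"),
            "location": LOCATIONS.get(location, f"code {location}"),
            "path": info.get("path", ""),
            "review_permissions": sorted(perms & REVIEW_PERMS),
        })
    return findings

if __name__ == "__main__":
    for finding in audit_extensions(SAMPLE_PREFS):
        print(finding)
```

On a real machine, the input would be the text of the preferences file in the Chrome or Edge profile directory; any extension it reports that the user does not remember installing deserves a closer look.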

Protect your Gmail account in every possible way

We said earlier that, for now, only a good antivirus can help you protect yourself from this malware. Alternatively, avoid installing suspicious extensions. However, it costs nothing to try to protect your Gmail account in every possible way. With Google, it is possible to check whether there has been any suspicious activity in your account.

Here are some steps to identify suspicious activity in your Gmail account and possibly recover it:

  • First of all, you need to log in to your account. If you can't connect, something is wrong. In that case, go to the account recovery page and answer some questions.
  • Next, you need to examine the account's activity and protect your account. Once you have opened the account, go to the security section. From there, you can examine the account's activity. You may not recognize some of it, in which case you will have to deny it. You can also check the devices that have used the account.
  • Finally, other security measures can be taken by following a series of steps offered by Google.
