A cybercrime threat group from North Korea is using a malicious Chrome extension to steal Gmail emails, according to a report published by Bleeping Computer. Let’s take a deep dive into how they do it, and what steps you should take now to protect yourself.
The group, known as Kimsuky, has been known to use spear-phishing for cyberespionage, targeting people in high positions, including diplomats, journalists, government agencies, politicians and university professors. According to the Director of National Intelligence, “Spear phishing is a phishing campaign that targets a specific individual or group, often including information known to be of interest to the target, such as current events or financial documents.”
The attack began with a phishing email urging potential victims to install a Chrome extension called AF, which can also be installed in Microsoft Edge, Brave, and other Chromium-based browsers. Immediately after installation, AF starts stealing email content from your Gmail account.
Here’s what to know about protecting your Gmail messages from hackers. (CyberGuy.com)
Beware of new MACSTEALER malware that can steal your icloud keychain data and passwords
Once your Gmail account is taken over by AF, Kimsuky uses Google Play’s web-to-phone sync feature to install the app from your computer to your smartphone, infecting the victim’s phone with Android malware. This allows hackers to delete, create, delete or steal files as well as retrieve your contacts, make calls, send text messages, turn on your camera and more.
Be careful, because apart from this AF malware, Kimsuky has various Android malware on the market, including other programs called FastViewer, Fastfire or Fastspy DEX. These programs masquerade as security plug-ins and document viewing plug-ins.
What can I do to prevent this from happening to me?
1) The first thing to remember is that Never click on suspicious emails. If you accidentally open a phishing email, Do not click on any links embedded in emails.
2) You should also Never download any extensions that are emailed to you. If you want to download a new extension, you should search for it in Chrome’s More tools section under Extensions.
3) Most importantly, always have Install antivirus software on all devices. Antivirus software will protect you from accidentally clicking on malicious links and will remove all malware from your device.
see my expert review Best Antivirus Protection Available for your Windows, Mac, Android and iOS devices By visiting CyberGuy.com/LockUpYourTech
Free Antivirus: Should You Use It?
4) always Double-check your phone for any suspicious-looking apps downloadedif you see them, remove them immediately, and then have your antivirus software scan your phone to make sure all malware has been removed.
5) Finally, be sure to Only download apps from the Google Play StoreHas been reviewed and given a good rating.
Cyber crime protection from viruses and hackers (CyberGuy.com)
Have you received any suspicious phishing emails recently? Let us know at cyberguy.com/contact.
Click here for the Fox News app
For more of my tips, subscribe to my free CyberGuy Reports newsletter by going to CyberGuy.com/Newsletter.
Copyright 2023 CyberGuy.com. all rights reserved.
