Warning: Malicious browser extension targets Gmail and AOL users

Warning: Malicious browser extension targets Gmail and AOL users

We all need to be vigilant about protecting online accounts and personal data. This is because cybercriminals are constantly developing clever new ways to scam us.

Heck, crooks don’t even need to be tech savvy to deploy malware to steal money. They can buy malware on the Dark Web that does all the hard work. Tap or click here to see a recent example of Phishing as a Service (PhaaS) targeting your bank accounts.

Now cybercriminals have a new way to steal private information from your email accounts without your knowledge. Read on to see how they’re doing and ways to stay protected.

Here’s the backstory

Browser extensions are useful tools designed to add additional functionality to Google’s Chrome or other browsers, such as Firefox and Edge. They can range from automatic currency conversion and translations to pop-up blockers and screenshot tools.

But not all extensions are safe. Some extensions hide malicious code, and Mozilla recently blocked dangerous extensions used by 450,000 Firefox users. Late last year, another extension was draining the accounts of unsuspecting crypto users.

The cybersecurity company Volexity has found another dangerous extension, and this one is after your emails and private data. The origin is from North Korea, and Volexity explains that it is aware of the developer SharpTongue.

The problem with this extension is that it gets installed on your browser without your knowledge. You are probably wondering how. Good question. It is an elaborate scheme that involves infecting your device with malware.

Once the malware infects your device, a malicious extension called SHARPEXT is installed on your browser. Some malware variants steal usernames and passwords, but SHARPEXT verifies and downloads data from webmail accounts.

Essentially, the malicious Chrome or Microsoft Edge browser extension accesses and scans your emails, extracting any useful information. According to Volexity, the lucrative targets for the malware include US and European citizens working on “nuclear issues, weapons systems, and other matters of strategic interest to North Korea.”

What can you do about it

If you know that there is a malicious extension in your browser, you can uninstall it. But SHARPEXT complicates it, since it is not an extension that you will find in your browser’s web store.

Instead, malware developers attempt to breach your browser’s security preferences file by infecting your device with malware. Once infected, the malicious extension is added to your browser.

From there, it attacks when you access your email service. Volexity explains that SHARPEXT has successfully stolen thousands of emails from multiple victims.

As we said before, the goals for SHARPEXT are pretty specific and you probably won’t be one of them. However, threats like these come in packs, and criminals are likely to soon shift the targets of the malicious spread to ordinary people. That is why it is necessary to take preventive measures.

Here are the security steps you need to take to prevent malware from infecting your devices:

  • Be careful with links – Never click on links you receive in unsolicited emails or text messages. They could be malicious and infect your device with malware.
  • That also applies to attachments. – Do not open Word or Excel files attached to unsolicited emails. If you open one of these documents and it says you need to enable macros, close the file and delete it immediately.
  • Update your devices – Keep your computer and mobile devices updated to the latest version. Operating system and application updates protect you against the latest threats and are your first line of defense against malware.
  • 2FA is your friend – Use two-factor authentication and password managers for better security. Tap or click here for details on 2FA.
  • Don’t forget antivirus software – Always have a reputable antivirus program up to date and running on all your devices. We recommend our sponsor, TotalAV. Get an annual plan with TotalAV for just $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Google ad scam warning: Do not click on this hidden malware campaign

Malware is still a big problem for Android – here’s what to watch out for

Leave a Comment

Your email address will not be published.