ADVERTISEMENT
Alert! Hackers are using malicious extensions to spy on your emailsAfter making their way to Gmail on PCs, hackers then make an attempt to install malware on victim's Android device
DH Web Desk
Last Updated IST
[Representational Image] Hackers using extensions to spy, steal emails on Gmail. Picture Credit: Pixabay
[Representational Image] Hackers using extensions to spy, steal emails on Gmail. Picture Credit: Pixabay

Google Chrome, Microsoft Edge and Brave are the three most popular browsers apps on almost all platforms, as they offer simple and smooth search experiences on computers and mobiles. Besides guiding people to get accurate information, they also offer the flexibility to attach plugins or extensions to their browsers to deliver value-addition services such as in-built grammar correction features, top e-commerce deal notifiers, and multi-media editing tools.

However, they lack a proper mechanism to keep a check on malicious extensions that prey on naive users.

In a joint statement, German and South Korean security agencies--Bundesamt für Verfassungsschutz (BfV) and the National Intelligence Service of the Republic of Korea (NIS), have warned that hackers, in the garb of offering security plugin to scan emails for threats, are instead stealing information from user's Gmail.

ADVERTISEMENT

It has come to light that North Korea-based cyber criminal group Kimsuky (alias Thallium aka Velvet Chollima) known for tracking activists, journalists, and diplomats of South Korea, the USA, and other allied countries, is now targeting civilians.

The bad actors are sending out random emails to potential victims with fake warning messages that their Gmail is under threat from cyber scams. Using panic emotion, they hoodwink users into installing the malicious extensions onto the browser and when the victim login into Gmail, it begins to track every mail and starts sending information to remote servers owned by criminals.

They don't stop there, they misuse the web-to-phone synchronization feature of Google Play. The hackers again fox gullible users to install malware-laced apps on the linked devices such as their mobile phones from the computer.

Once the app makes its way to the phone, the hackers get even more data such as keystrokes on apps, where can get the user's account ID and password and can monitor SMS, contact list, and other messenger apps, and even operate the camera with mic activated, reported Bleeping Computer.

There is no official word on how many users have fallen victim to this scam, but people have been warned users not to install these three extensions-- FastViewer, Fastfire, and Fastspy DEX. They come with '.AF' file extension.

Also, is a good practice to install all security updates from phone manufacturers that are released every month or quarterly. And, ensure your device has a good anti-virus app developed by renowned publishers such as Kaspersky, ESET, Avast and McAfee among others.

Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.

ADVERTISEMENT
(Published 27 March 2023, 13:08 IST)