North Korean cyber operatives, ever the eager beavers, have been caught red-handed once again, this time leveraging malicious Google Chrome extensions to spy on folks in South Korea. Researchers at Zscaler ThreatLabz stumbled upon a spicy new malware slice dubbed TRANSLATEXT on GitHub, craftily disguised as a harmless Google Translate extension. But don’t be fooled! This cyber contraption is designed to snatch everything from emails to screen captures, all the while pretending to help you understand foreign memes on the internet.
Delving deeper into the world of academia, the sneaky TRANSLATEXT isn’t just after any random Joe’s data but has its digital crosshairs set on the bright minds in South Korea’s educational sector. Specifically, those whose brains are simmering with thoughts on Korean geopolitics and military history. How do we know? Well, a cheeky file named “Review of a Monograph on Korean Military History” was found cosying up next to the malware, tipping off Zscaler’s sharp-eyed researchers to the malware’s scholarly targets.
Despite the malware’s brief cameo on GitHub—removed just a day after its debut—the precision of this attack hints at a well-oiled espionage machine. Who needs cloak and dagger when you have emails and malware, right? The exact tactics for delivering the malware remain a mystery, akin to finding a secret recipe in a spy-themed cookbook. However, suspicions point towards Kimsuky using the classic ’email drop’ method to plant their digital seeds.
**Hot Take**
In the high-tech heist of the century, North Korea has decided that rigging elections is passé and that snatching academic papers through a Chrome extension is where the real action is. Forget nuclear codes; it’s all about those term papers now! Ah, the thrill of swiping essay drafts and debunking myths about Korean military history. Maybe next semester, they can aim for something truly challenging, like infiltrating high school students’ history presentations.
Original Article: https://www.techradar.com/pro/security/north-korean-hackers-are-using-malicious-google-chrome-extensions-to-try-and-hack-your-data