Updated News Around the World

North Korea-based hackers may be reading some users’ Gmail – Times of India

One of the most common security tips that we receive and also should follow is to enable 2-step verification wherever it is needed, whether it is Gmail or any other app (non-finance too). However, a group of state-sponsored hackers have reportedly found a way to bypass the 2-step verification on Gmail.
As per security firm Volexity, a group of North Korean hackers by the name of ‘SharpTongue,’ may have been using a malware dubbed ‘SHARPTEXT,’ to access users’ Gmail accounts. And it has been in use for over a year now, and the researchers worry that it is only getting better at its job over the time.
How hackers may be able to read users’ emails
The malware disguises itself as a Google Chrome or Microsoft Edge extension – basically it is a Chromium based extension. The attackers use spear phishing and social engineering methods to propagate the malware via malicious attachments. The malware does not steal your username or password instead it “directly inspects and exfiltrates data” from your Gmail account as you browse it. Once it is done collecting your emails, it sends the data to a remote server.
The SHARPTEXT malware is currently at version 3.0 and it can read emails from both Gmail and AOL mail clients. It works on Chrome, Edge and a South Korean web browser Naver Whale. The malware is said to target users across the United States, Europe and South Korea.

FOLLOW US ON SOCIAL MEDIA

FacebookTwitterInstagramKOO APPYOUTUBE

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsUpdate is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.