Malicious browser extension targets Gmail and AOL users

We all need to be vigilant in protecting accounts and personal data online. That’s because cybercriminals are constantly developing clever new ways to trick us.

Heck, thieves don’t even need to be tech-savvy to implement money-stealing malware. They can buy malware on the dark web that does all the hard work. Click or tap here for a recent example of Phishing as a Service (PhaaS) targeting your bank accounts.

Now, cybercriminals have a new way to steal private information from your email accounts without your knowledge. Read on to see how they do it and ways to stay protected.

Here’s the backstory

Browser extensions are useful tools designed to give Google Chrome or other browsers like Firefox and Edge additional functionality. It can range from automatic currency conversion and translations to popup blockers and screenshot tools.

But not all accessories are safe. Some extensions hide malicious code, and Mozilla recently banned the dangerous extensions used by 450,000 Firefox users. Late last year, another extension was draining the accounts of unsuspecting cryptocurrency users.

Cybersecurity company Volexity has found another dangerous extension, and this is after emails and private data. Originally from North Korea, Volexity states he is familiar with the SharpTongue developer.

The problem with this extension is that it gets installed on your browser without your knowledge. You may be wondering how. Good question. It’s a detailed blueprint that includes infecting your device with malware.

Once malware infects your device, a malicious extension called SHARPEXT is installed on your browser. Some malware variants steal usernames and passwords, but SHARPEXT checks and downloads data from webmail accounts.

Essentially, the malicious Chrome or Microsoft Edge browser arrives and scans your emails, extracting any useful information. According to Volexity, the malware’s profitable targets include US and European citizens dealing with “nuclear issues, weapons systems, and other matters of strategic importance to North Korea.”

What can you do about it

If you know that there is a malicious extension on your browser, you can uninstall it. But SHARPEXT makes this tricky, because it’s not an extension that you’ll find in your browser’s web store.

Instead, malware developers are trying to hack your browser’s security preferences file by infecting your device with malware. Once infected, the malicious extension is added to your browser.

From there, it appears when you access your email service. Volexity states that SHARPEXT has successfully passed thousands of emails from multiple victims.

As mentioned earlier, the goals of SHARPEXT are very specific, and you are probably not one of them. However, such threats come in clusters, and it is likely that criminals will modify the malicious extension targets for ordinary people soon. That’s why you need to take preventive measures.

Here are the security steps you should take to avoid infecting your devices with malware:

  • Be careful with links Never click on links you receive in unsolicited emails or text messages. They can be malicious and infect your device with malware.
  • This also applies to attachments Don’t open Word or Excel files attached to unwanted emails. If you open one of these documents and find that you need to enable macros, close the file and delete it immediately.
  • Update your devices – Keep your PC and mobile devices updated to the latest version. Operating system and app updates protect you from the latest threats, and are your first line of defense against malware.
  • 2FA is your friend Use two-factor authentication and password managers to improve security. Tap or click here for details on 2FA.
  • Don’t forget your antivirus software – Always keep your reliable antivirus software up to date and running on all your devices. We recommend our sponsor, TotalAV. Get an annual plan with TotalAV for just $19 at That’s over 85% off the regular price!

Read on

Google Ads Scam Warning: Don’t Click on This Hidden Malware Campaign

Malware is still a big problem for Android — here’s what to watch for

Leave a Reply

%d bloggers like this: