Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Laptop
Laptop
Technology
Sean Riley

This nasty phishing attack allows hackers to steal your Gmail emails using a Chrome extension — how to check if you have it

Hacker

According to a joint cybersecurity advisory from teams in Germany and South Korea, a new phishing attack threatens to steal users' Gmail emails without any chance of them realizing it happened.

Bleeping Computer first reported on the phishing threat, which serves as the delivery vehicle for a malicious Chrome extension that once active will redirect the user's Gmail emails to the hacker's servers (via TechRadar).

How to find out if you are a victim of this attack

While the attack vector is a Chrome extension, it's important to remember that Chrome isn't the only Chromium-based browser. Other popular browsers like Microsoft Edge and Brave also support Chrome extensions and would be similarly vulnerable to this attack.

The attack is utilizing Chrome extension APIs aimed at developers to bypass account security and route the emails directly to the hacker.

With that out of the way, here's how to check whether you have been impacted.

1. Open your browser

2. Enter "(chrome|edge|brave)://extensions" in your address bar.

3. Look for an extension simply named "AF" in your list of extensions.

4. If present, delete this extension and review your Gmail account to determine what valuable information could have been stolen.

The North Korean group responsible for this threat is known as Kimsuky and it's just the latest in a long line of attacks perpetrated by them. Typically they focus their efforts on high-value targets such as those in politics, professors, journalists, and diplomats, so if you fall into any of those categories you need to be particularly wary.

The best way to stay safe is to never install Chrome extensions, or any software for that matter, from an unknown source. 

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.