Tag Archive for: Gmail

Delete this malicious extension and stop hackers from stealing your Gmail messages


A cybercriminal threat group from North Korea is using a malicious Chrome extension to steal Gmail emails, according to a report released by Bleeping Computer. Let’s dive into how they’re doing this and the steps you should take right now to protect yourself. 

The group, which uses the name Kimsuky, has been known to use spear phishing for cyber-espionage in attacks targeting people with high-profile jobs, such as diplomats, journalists, government agencies, politicians and university professors. According to the Director of National Intelligence, “spear phishing is a type of phishing campaign that targets a specific person or group and will often include information known to be of interest to the target, such as current events or financial documents.” 

The attack starts with a phishing email that urges potential victims to install a Chrome extension known as AF, which can also be installed in Microsoft Edge, Brave and other Chromium-based browsers.  Once installed, AF immediately begins stealing the contents of emails from your Gmail account. 

Here’s what to know about keeping your Gmail messages safe from hackers. (CyberGuy.com)

Once your Gmail account is taken over by AF, Kimsuky uses Google Play’s web-to-phone synchronization feature for installing apps from your computer onto your smartphone to infect victims’ phones with Android malware. This allows hackers to drop, create, delete or steal files as well as retrieve your contacts, make calls, send text messages, turn on your camera and more. 

Beware, because in addition to this AF malware, Kimsuky has a variety of Android malware on the market, including other programs called FastViewer, Fastfire or Fastspy DEX.  These programs are disguised as plug-ins for security as well as for viewing documents. 

What can I do to prevent this from happening to me? 

1) The first thing to remember is to never click on a suspicious email. If you open a phishing email by accident, do not click on any links embedded…

Source…

North Korea-backed hackers have a clever way to read your Gmail



Researchers have unearthed never-before-seen malware that hackers from North Korea have been using to surreptitiously read and download email and attachments from infected users’ Gmail and AOL accounts.

The malware, dubbed SHARPEXT by researchers from security firm Volexity, uses clever means to install a browser extension for the Chrome and Edge browsers, Volexity reported in a blog post. The extension can’t be detected by the email services, and since the browser has already been authenticated using any multifactor authentication protections in place, this increasingly popular security measure plays no role in reining in the account compromise.

The malware has been in use for “well over a year,” Volexity said, and is the work of a hacking group the company tracks as SharpTongue. The group is sponsored by North Korea’s government and overlaps with a group tracked as Kimsuky by other researchers. SHARPEXT is targeting organizations in the US, Europe, and South Korea that work on nuclear weapons and other issues North Korea deems important to its national security.

Volexity President Steven Adair said in an email that the extension gets installed “by way of spear phishing and social engineering where the victim is fooled into opening a malicious document. Previously we have seen DPRK threat actors launch spear phishing attacks where the entire objective was to get the victim to install a browser extension vs it being a post exploitation mechanism for persistence and data theft.” In its current incarnation, the malware works only on Windows, but Adair said there’s no reason it couldn’t be broadened to infect browsers running on macOS or Linux, too.

The blog post added: “Volexity’s own visibility shows the extension has been quite successful, as logs obtained by Volexity show the attacker was able to successfully steal thousands of emails from multiple victims through the malware’s deployment.”

Installing a browser extension during a phishing operation without the end-user noticing isn’t easy. SHARPEXT developers have clearly paid attention to…

Source…

Shortwave helps bring order to clutter in users’ Gmail accounts


I just whipped through my email in record time using Shortwave for Gmail.

Shortwave was created by two guys from Google who figured out how to declutter everything. Ironically, Gmail is about to get even more cluttered. Take a look at the preview of the version rolling out this month.

I love how Shortwave bundles similar emails together. That way, if the whole group looks like junk, I can sweep it off my plate in one fell swoop. This is stuff I normally would have looked at, wasted time on, been sorry I bothered. But when the subject line of a bundle gives me an instant idea of what’s inside, I have more will power. For example, in a subject line labeled “Promotions,” I saw “Book TV,” “Trippin’ Travel,” and “DoorDash,” along with tiny, recognizable icons for the rest. When I opened it, I got a list of headlines for everything in there. I can click on an item to unravel it without unrolling the rest. I can check each item off after I’ve read it, pin it or snooze it for reading later or check off the whole bundle. Just now, I dispatched nine items in a few seconds. I feel freer already.

Neatly listed on the left side of the page are the names of people you have recently corresponded with. Click on a name to see your latest conversations. The free version only lets you search for stuff emailed in the past three months, but everything else can be retrieved in regular Gmail. I have notes going back to 2005.

Surprisingly, Shortwave has no delete button. At first this bugged me, but it actually saves time. I no longer fuss over what to delete. Once a day, I go back to regular Gmail to delete whole swaths of stuff. I call it up by clicking the advanced search icon to the right of the search bar, typing in the word “today” next to “date within one day of.” Just now, there were 116 items. I selected all for deletion, saving four of them. This sounds like extra work, but takes only seconds.

Shortwave is available for Windows, Mac, iPhone or iPad. On Android phones, go to app.shortwave.com. The paid version is $9 a month and offers team features as well as unlimited search and email history.

If you’re…

Source…

Use These Tools To Keep Gmail Safe From Hackers (2021)


Making your Gmail account secure is essential. Luckily, Google — and others — can provide plenty of help.

To protect your Google account — and by extension your Gmail account — against ever-evolving threats, Google is constantly updating its tools and tips.

Here are some of the most critical:

Strong password: not a no-brainer

This seems like a no-brainer. But your definition of a strong password and Google’s definition could be very different.

Google says:

“Use unique, strong passwords. It’s risky to use the same password on multiple sites. If your password for one site is hacked, it could be used to get into your accounts for multiple sites… Long passwords are stronger, so make your password at least 12 characters long.” (Emphasis added)

And criminal password crackers “are hip to the usual substitutions,” according to Avast, which offers Internet security software.

“Whether you use DOORBELL or D00R8377, the brute force attacker will crack it with equal ease,” Avast says.

There’s also some good advice from the UK’s National Cyber Security Centre (NCSC) on strong passwords.

The NCSC recommends — and has been recommending for years — that users pick three random words for a password.

Here’s what the NCSC says:

“Passwords made from multiple words will generally be longer than passwords made from a single word. Length is a common (and recommended) requirement for passwords, and promoting the use of a ‘passphrase’ created by combining words provides a way to achieve this without relying on predictable patterns (such as the addition of ! at the end of a password).”

Password generator:

Google Chrome can create and save strong passwords for any account. Using a password generator is one of the best strategies for creating strong passwords.

Google says:

  1. On your computer, open Chrome.
  2. Make sure you’re signed into Chrome.
  3. Go to a website and sign up for an account.
  4. Click the password text box “Suggest Strong Password” (If you don’t see this option, right-click the password text box, then click Generate password).
  5. You’ll see a preview of…

Source…