Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data
Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data
28 June 2024
The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort.
Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the extension TRANSLATEXT, highlighting its ability to gather email addresses, usernames,