Kimsuky Uses SharpExt To Gather Intelligence From Stolen Email
The threat actor tracked as Kimsuky continue to deliver booby trapped documents to targets that are laced with browser extension malware.
Once received and executed, the malicious Hangul Word Processor (HWP) files communicate with the threat actor controlled C2 to gather the SharpEXT browser extension that is leveraged to steal emails and attachments from the victims in the United States, South Korea, and Europe.
Featured Resources
CUSTOMERS
Non-profit Increases Financial Efficiency and Strengthens Cybersecurity Defenses
Facing increasing threats and tighter budgets, Walsall Housing Group Limited (whg), a UK housing association, turned to Cymulate to optimize
blog
Finding the Right Fit: Vulnerability Assessment vs. Penetration Testing
With more cyber threats than ever before, protecting your organization’s assets and sensitive data has never been more critical. Businesses
blog
Cyber Threats in the Seams
It’s easy for even the most vigilant security teams to overlook a critical reality: no one fully understands all the
Subscribe to Our Blog
Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.
Subscribe