Published on December 4, 2024.
The North Korean cyber-espionage group Kimsuky is actively targeting researchers and academics with a sophisticated campaign using malicious Chrome browser extensions. According to cybersecurity experts, the group deploys phishing emails to trick victims into installing malware-laden extensions, enabling the theft of emails, login credentials, and sensitive data. The attack focuses on monitoring victims’ online activity and exfiltrating valuable information, particularly from those involved in research and strategic projects. Once installed, the malware operates stealthily, bypassing traditional security measures to access critical intellectual assets. This campaign underlines the evolving tactics employed by Kimsuky, a group long associated with cyber-espionage operations aligned with North Korea’s strategic interests. Experts advise potential targets to exercise caution, enable multi-factor authentication, and maintain up-to-date browser security. The incident serves as a stark reminder of the persistent cyber threats facing individuals and institutions globally, especially those handling sensitive or high-value information.