North Korean hackers using Chrome extensions to steal Gmail emails - RedPacket Security
Tags
cmtmf-attack-pattern: Masquerading
country: Germany South Korea
maec-delivery-vectors: Watering Hole
attack-pattern: Data Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Masquerading - T1036 Masquerading
Show in Graph
Common Information
Type Value
UUID 38c0de65-6e28-409d-a5b6-d6cc6ea7e558
Fingerprint bc221f919baffad8
Analysis status DONE
Considered CTI value 2
Text language
Published March 23, 2023, 5:03 a.m.
Added to db March 23, 2023, 7:21 a.m.
Last updated Nov. 17, 2024, 9:55 a.m.
Headline RedPacket Security
Title North Korean hackers using Chrome extensions to steal Gmail emails - RedPacket Security
Detected Hints/Tags/Attributes 45/4/6
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/north-korean-hackers-using-chrome-extensions-to-steal-gmail-emails/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 86 
manifest.json
Details File 6 
bg.js
Details File 9 
dev.js
Details md5 2 
012D5FFE697E33D81B9E7447F4AA338B
Details md5 2 
582A033DA897C967FAADE386AC30F604
Details md5 2 
51527624E7921A8157F820EB0CA78E29