Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data

The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort.
Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the extension TRANSLATEXT, highlighting its ability to gather email addresses, usernames,

actor chrome chrome extension collection data extension google google chrome information intelligence intelligence collection kimsuky korea malicious march north north korea sensitive sensitive data sensitive information steal threat threat actor threatlabz using zscaler