Hackers Hijack Gmail Accounts Using Malicious Firefox Extension

Chinese-backed hacking group TA413 is believed to coordinate the recent cyber-espionage campaign targeting Tibetan organizations with malicious Firefox extension with the goal of hijacking Gmail accounts and infect victims with malware. The campaign used phishing emails that redirected them to the attacker-controlled domain with a fake Adobe Player Update page. JavaScript profiling scripts executed from this domain would automatically prompt the targets to install a malicious add-on named FriarFox if they were using the Firefox web browser and logged into their Gmail account. Read more...