Attacks with the new Google Translate-spoofing Chrome extension dubbed "TRANSLATEXT" have been deployed by North Korean state-sponsored hacking operation Kimsuky — also known as APT43, Velvet Chollima, Emerald Sleet, Black Banshee, ARCHIPELAGO, and Springtail — as part of a cyberespionage campaign against South Korean academic institutions that has been ongoing since March, according to The Hacker News.
Article Link: Ongoing Kimsuky campaign involves novel Chrome extension | SC Media