APT37
Coverage of APT37 in the Nexus archive.
- Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
The North Korean state-sponsored hacking group ScarCruft (APT37) used spear-phishing emails impersonating Microsoft Account security alerts to deploy NarwhalRAT malware, as reported by Genians Security Center. The attack aimed to exploit concerns over possible account security issues.
- North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
North Korean hackers targeted ethnic Koreans in China with Android malware called 'BirdCall'. The campaign was attributed to APT37, a hacking group. The hackers used a backdoor attached to a suite of card games from Sqgame.
- ScarCruft hackers push BirdCall Android malware via game platform
The North Korean hacker group APT37 is delivering Android malware called BirdCall through a video game platform in a supply-chain attack. The malware is a backdoor that can be used for various malicious purposes. The attack is targeting users of the video game platform.
- North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
North Korea's hacking group APT37 (ScarCruft) conducted a social engineering campaign via Facebook, using friend requests to deliver RokRAT malware. The multi-stage attack exploited trust-building on the platform to deploy a remote access trojan.