Skip to content
The Nexus
DossierENTITY

ScarCruft

Coverage of ScarCruft in the Nexus archive.

Earliest in view: Apr 13 · 09:15 UTCMost recent: Jun 16 · 08:14 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 16 · 08:14 UTCTHE HACKER NEWS
    Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

    The North Korean state-sponsored hacking group ScarCruft (APT37) used spear-phishing emails impersonating Microsoft Account security alerts to deploy NarwhalRAT malware, as reported by Genians Security Center. The attack aimed to exploit concerns over possible account security issues.

  • SECURITYMay 5 · 09:07 UTCTHE HACKER NEWS
    ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

    The ScarCruft hacking group has compromised a gaming platform, deploying BirdCall malware on Android and Windows to target ethnic Koreans in China. The attack is a supply chain espionage effort. Prior versions of the backdoor primarily targeted Windows users.

  • SECURITYApr 13 · 09:15 UTCTHE HACKER NEWS
    North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

    North Korea's hacking group APT37 (ScarCruft) conducted a social engineering campaign via Facebook, using friend requests to deliver RokRAT malware. The multi-stage attack exploited trust-building on the platform to deploy a remote access trojan.

ScarCruft · Dossier · The Nexus