North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor

In December 2023, a threat actor going by the name of ScarCruft launched a new campaign targeted at media outlets and prominent specialists in North Korean affairs.

According to a report shared with The Hacker News by SentinelOne researchers Aleksandar Milenkoski and Tom Hegel, “ScarCruft has been experimenting with new infection chains, including the use of a technical threat research report as a decoy, likely targeting consumers of threat intelligence like cybersecurity professionals.”

The adversary associated with North Korea, often referred to as APT37, InkySquid, RedEyes, Ricochet Chollima, and Ruby Sleet, is evaluated as belonging to the Ministry of State Security (MSS), as opposed to Kimsuky and Lazarus Group read more North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *