ScarCruft surveilling North Korean defectors and human rights activists

The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor we first reported in 2016. ScarCruft is known to target North Korean defectors, journalists who cover North Korea-related news and government organizations related to the Read More …

North Korean hackers launch RokRat Trojan in campaigns against the South

A North Korean hacking group is utilizing the RokRat Trojan in a fresh wave of campaigns against the South Korean government. The Remote Access Trojan (RAT) has been connected to attacks based on the exploit of a Korean language word Read More …

ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks

The ScarCruft Korean-speaking APT is changing up its espionage tactics to include an unusual piece of malware devoted to harvesting Bluetooth information – while also showing some overlap with the DarkHotel APT. An analysis of ScarCruft’s binary infection procedure by Kaspersky Read More …