North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. A North Korea-linked threat actor, tracked as APT37 (also known as RedEyes, TA-RedAnt, Reaper, ScarCruft, Group123), exploited a recent Internet Explorer zero-day vulnerability, tracked as CVE-2024-38178 (CVSS score 7.5), in a supply chain attack. Threat intelligence firm AhnLab and South […]
North Korea-linked ScarCruft APT group started using oversized LNK files to deliver the RokRAT malware starting in early July 2022. Check Point researchers reported that the infection chains observed in the attacks attributed to North Korea-linked ScarCruft APT group (aka APT37, Reaper, and Group123) since 2022 have stopped heavily relying on malicious documents to deliver malware and instead […]
Google warns that the North Korea-linked APT37 group is exploiting Internet Explorer zero-day flaw to spread malware. North Korea-linked APT37 group (aka ScarCruft, Reaper, and Group123) actively exploited an Internet Explorer zero-day vulnerability, tracked as CVE-2022-41128, in attacks aimed at South Korean users. Google Threat Analysis Group researchers discovered the zero-day vulnerability in late October 2022, it […]
North Korea-linked APT37 group targets high-value organizations in the Czech Republic, Poland, and other countries. Researchers from the Securonix Threat Research (STR) team have uncovered a new attack campaign, tracked as STIFF#BIZON, targeting high-value organizations in multiple countries, including Czech Republic, and Poland. The researchers attribute this campaign to the North Korea-linked APT37 group, aka […]
North Korea-linked APT37 group is targeting journalists that focus on DPRK with a new piece of malware. North Korea-linked APT37 group (aka Ricochet Chollima) has been spotted targeting journalists focusing on DPRK with a new piece of malware. The campaign was discovered by journalists at NK News, an American news site that focuses on North […]
Researchers from Malwarebytes Labs spotted an ongoing malware campaign that is targeing Russia with the Konni RAT. Security researchers at Malwarebytes Labs have uncovered an ongoing malware campaign that is mainly targeting Russia with the Konni RAT. The KONNI RAT was first spotted by Cisco Talos researchers in 2017, it has been undetected since 2014 […]
North Korea-linked InkySquid group leverages two Internet Explorer exploits to deliver a custom implant in attacks aimed at a South Korean online newspaper. Experts from cybersecurity firm Volexity reported that North Korea-linked InkySquid group (aka ScarCruft, APT37, Group123, and Reaper) leverages two Internet Explorer exploits to deliver a custom backdoor in watering hole attacks aimed at the […]
Researchers at FireEye speculate that the APT group tracked as APT37 (aka Reaper, Group123, ScarCruft) operated on behalf of the North Korean government. Here we are to speak about a nation-state actor dubbed APT37 (aka Reaper, Group123, ScarCruft) that is believed to be operating on behalf of the North Korean government. APT37 has been active since at least […]