South Korean researchers have uncovered a fresh cyber-espionage campaign orchestrated by a hack group known as APT37, or ScarCruft. This group has targeted South Korean organisations linked to national security, utilising phishing emails and impersonating experts to lure victims.
Key Points
- APT37 has initiated a new espionage effort focused on South Korean institutions related to national security.
- The group uses impersonation tactics, sending phishing emails masquerading as credible experts.
- Recent phishing attempts included emails offering fake information about North Korean troops and invitations to security conferences.
- Malicious links in the emails leveraged Dropbox, a common strategy for the group.
- APT37, believed to be state-sponsored by North Korea, has a history of targeting both public and private sectors in South Korea.
- The latest attack involved embedding malware (RoKRAT) that collects system data and captures screenshots.
Why should I read this?
If you care about cybersecurity, this is a must-read. The tactics used by APT37 reveal the lengths cyber-espionage campaigns will go to undermine national security. Understanding these methods can help you stay ahead in protecting sensitive information. We’ve done the dirty work of reading it for you—do yourself a favour and check it out!