Media, experts targeted by new North Korean APT attacks

24 January 2024

North Korean state-sponsored threat actor ScarCruft, also known as APT37, Ruby Sleet, Ricochet Chollima, InkySquid, and RedEyes, has targeted media outfits and individuals knowledgeable in North Korean affairs in a new attack campaign deploying the RokRAT backdoor, The Hacker News reports. Attacks involved the delivery of emails purportedly from a member of a North Korea Research Institute that lured targets into opening a ZIP archive file, which included malicious Windows shortcut files for RokRAT backdoor deployment, a report from SentinelOne showed.

Source: SC Magazine

Date:

24 January 2024

Categorie(s):

NEWS

Tag(s):

APT, IT, Media, News, North Korean

Smashing Security podcast #370: The closed loop conundrum, default passwords, and Baby Reindeer1 May 2024
Cyberattack against United Russia claimed by Ukraine1 May 2024
US jails former NSA employee for attempting secret sale to Russia1 May 2024
Better identity threat detection sought by new Semperis ML-based tool1 May 2024
Oasis Security reels in $35M more to secure nonhuman identities1 May 2024