North Korean hacking group weaponized MS Word document in spear phishing attack



News North Korean hacking group weaponized MS Word document in spear phishing attack APT37 deployed malicious macros in a move that goes beyond a popular South Korean office suite, new report says Min Chao Choy January 7, 2021 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON NK Pro A hacking group linked to North Korea that focused on South Korean file formats in past attacks started weaponizing Microsoft Word documents, security firm Malwarebytes Labs warned in a report on Wednesday. The researchers identified a malicious macro in a Korean-language Word file purporting to be an invitation that was “likely used to target the government of South Korea,” the report said. The security company attributed the spear-phishing attack to a group known as APT37, Reaper, ScarCruft or Group 123. The malicious code found in the lure document eventually downloads and installs the Remote Access Trojan RokRat, which Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01North Korea reveals new vertical take-off drones amid ‘modern warfare’ push 02How long-range strikes on Russia could impact North Korean troop deployments 03How North Korean hackers and IT workers collude to cause chaos 04What pro-Trump think tanks reveal about his likely North Korea policy priorities 05Yoon bet on US to deter North Korea. Now he faces an alliance skeptic in Trump. 06All the question marks hanging over Trump’s approach to North Korea in term two 07Time almost up for North Korea’s plan to launch 3 military satellites in 2024 08Trump return rekindles prospects of North Korea talks, but Russia stands in way

News

North Korean hacking group weaponized MS Word document in spear phishing attack

APT37 deployed malicious macros in a move that goes beyond a popular South Korean office suite, new report says

Min Chao Choy January 7, 2021

North Korean hacking group weaponized MS Word document in spear phishing attack

NK Pro

A hacking group linked to North Korea that focused on South Korean file formats in past attacks started weaponizing Microsoft Word documents, security firm Malwarebytes Labs warned in a report on Wednesday. The researchers identified a malicious macro in a Korean-language Word file purporting to be an invitation that was “likely used to target the government of South Korea,” the report said.

The security company attributed the spear-phishing attack to a group known as APT37, Reaper, ScarCruft or Group 123. The malicious code found in the lure document eventually downloads and installs the Remote Access Trojan RokRat, which

01North Korea reveals new vertical take-off drones amid ‘modern warfare’ push
02How long-range strikes on Russia could impact North Korean troop deployments
03How North Korean hackers and IT workers collude to cause chaos
04What pro-Trump think tanks reveal about his likely North Korea policy priorities
05Yoon bet on US to deter North Korea. Now he faces an alliance skeptic in Trump.
06All the question marks hanging over Trump’s approach to North Korea in term two
07Time almost up for North Korea’s plan to launch 3 military satellites in 2024
08Trump return rekindles prospects of North Korea talks, but Russia stands in way

North Korean hacking group weaponized MS Word document in spear phishing attack

LATEST ANALYSIS

Similar Articles

About the Author

Min Chao Choy