North Korean hackers target DPRK experts and media in new phishing attacks



News North Korean hackers target DPRK experts and media in new phishing attacks Security firm finds ScarCruft cybercriminals used signature malware and will likely do so again in future campaigns Nils Weisensee \| Shreyas Reddy January 22, 2024 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON An illustration of documents flying out of compromised computer North Korean cybercriminals targeted leading DPRK experts and media organizations in a series of phishing attacks toward the end of last year, while laying the groundwork for a new campaign against cybersecurity professionals, according to a U.S. security firm. In a joint investigation with NK Pro, SentinelLabs attributed the attacks with “high confidence” to North Korean threat group ScarCruft, also known as APT37 and InkySquid, based on similarities to past campaigns and the use of malware associated with the group. By targeting experts and media organizations with a North Korea focus, the cybercrime group Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01New North Korean ICBM delivers big political message, and likely bigger payloads 02How North Korea-Russia ties will challenge next US president, no matter who wins 03What to make of the stunning collapse in value of North Korean won 04What to know about Kim Yong Bok, the man leading North Korean troops in Russia 05If Trump: How erratic leader’s reelection could scramble North Korea policy 06North Korea’s admission of drone incursion exposes glaring gaps in air defenses 07The war in Ukraine is transforming how Europe perceives North Korean threats 08What North Korea stands to gain by sending troops to fight in Ukraine

News

North Korean hackers target DPRK experts and media in new phishing attacks

Security firm finds ScarCruft cybercriminals used signature malware and will likely do so again in future campaigns

Nils Weisensee | Shreyas Reddy January 22, 2024

North Korean hackers target DPRK experts and media in new phishing attacks

An illustration of documents flying out of compromised computer

North Korean cybercriminals targeted leading DPRK experts and media organizations in a series of phishing attacks toward the end of last year, while laying the groundwork for a new campaign against cybersecurity professionals, according to a U.S. security firm.

In a joint investigation with NK Pro, SentinelLabs attributed the attacks with “high confidence” to North Korean threat group ScarCruft, also known as APT37 and InkySquid, based on similarities to past campaigns and the use of malware associated with the group.

By targeting experts and media organizations with a North Korea focus, the cybercrime group

01New North Korean ICBM delivers big political message, and likely bigger payloads
02How North Korea-Russia ties will challenge next US president, no matter who wins
03What to make of the stunning collapse in value of North Korean won
04What to know about Kim Yong Bok, the man leading North Korean troops in Russia
05If Trump: How erratic leader’s reelection could scramble North Korea policy
06North Korea’s admission of drone incursion exposes glaring gaps in air defenses
07The war in Ukraine is transforming how Europe perceives North Korean threats
08What North Korea stands to gain by sending troops to fight in Ukraine

North Korean hackers target DPRK experts and media in new phishing attacks

LATEST ANALYSIS

Similar Articles

About the Authors

Nils Weisensee

Shreyas Reddy