News North Korean hackers target South Koreans with malicious Excel add-ins: ReportExpert says ‘highly agile’ ScarCruft threat group seeks to expand attack vectors to get around security measures A North Korean hacking syndicate has adopted a new technique to attack ROK victims using Microsoft Excel add-ins, according to a U.S.-based cloud security platform, in what one expert called the threat group’s latest effort to expand its vectors for distributing malware. In a blog post published Tuesday, Zscaler states that it discovered the DPRK threat actor ScarCruft, also known as APT37, uploaded a malicious Excel add-in (XLL) file to software development platform GitHub on March 15. “We haven’t seen this attack vector used by APT37 before and we believe this to © Korea Risk Group. All rights reserved. |