North Korean hackers target South Koreans with malicious Excel add-ins: Report



News North Korean hackers target South Koreans with malicious Excel add-ins: Report Expert says ‘highly agile’ ScarCruft threat group seeks to expand attack vectors to get around security measures Shreyas Reddy March 24, 2023 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON Microsoft Excel on screen under magnifying glass \| Image: Jernej Furman Flickr (CC BY 2.0) A North Korean hacking syndicate has adopted a new technique to attack ROK victims using Microsoft Excel add-ins, according to a U.S.-based cloud security platform, in what one expert called the threat group’s latest effort to expand its vectors for distributing malware. In a blog post published Tuesday, Zscaler states that it discovered the DPRK threat actor ScarCruft, also known as APT37, uploaded a malicious Excel add-in (XLL) file to software development platform GitHub on March 15. “We haven’t seen this attack vector used by APT37 before and we believe this to Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01Trump return rekindles prospects of North Korea talks, but Russia stands in way 02How China could benefit from North Korea’s troop deployment to Ukraine 03New North Korean ICBM delivers big political message, and likely bigger payloads 04How North Korea-Russia ties will challenge next US president, no matter who wins 05What to make of the stunning collapse in value of North Korean won 06What to know about Kim Yong Bok, the man leading North Korean troops in Russia 07If Trump: How erratic leader’s reelection could scramble North Korea policy 08North Korea’s admission of drone incursion exposes glaring gaps in air defenses

News

North Korean hackers target South Koreans with malicious Excel add-ins: Report

Expert says ‘highly agile’ ScarCruft threat group seeks to expand attack vectors to get around security measures

Shreyas Reddy March 24, 2023

North Korean hackers target South Koreans with malicious Excel add-ins: Report

Microsoft Excel on screen under magnifying glass | Image: Jernej Furman Flickr (CC BY 2.0)

A North Korean hacking syndicate has adopted a new technique to attack ROK victims using Microsoft Excel add-ins, according to a U.S.-based cloud security platform, in what one expert called the threat group’s latest effort to expand its vectors for distributing malware.

In a blog post published Tuesday, Zscaler states that it discovered the DPRK threat actor ScarCruft, also known as APT37, uploaded a malicious Excel add-in (XLL) file to software development platform GitHub on March 15.

“We haven’t seen this attack vector used by APT37 before and we believe this to

01Trump return rekindles prospects of North Korea talks, but Russia stands in way
02How China could benefit from North Korea’s troop deployment to Ukraine
03New North Korean ICBM delivers big political message, and likely bigger payloads
04How North Korea-Russia ties will challenge next US president, no matter who wins
05What to make of the stunning collapse in value of North Korean won
06What to know about Kim Yong Bok, the man leading North Korean troops in Russia
07If Trump: How erratic leader’s reelection could scramble North Korea policy
08North Korea’s admission of drone incursion exposes glaring gaps in air defenses

North Korean hackers target South Koreans with malicious Excel add-ins: Report

LATEST ANALYSIS

Similar Articles

About the Author

Shreyas Reddy