Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called
ScarCruft (aka APT37) to deliver a malware known as RokRAT.
The activity has been codenamed
Operation HanKook Phantom by Seqrite Labs, stating the attacks appear to target individuals associated with the National Intelligence Research Association, including academic figures, former government officials, and researchers.
"The attackers likely aim to steal sensitive information, establish persistence, or conduct espionage," security researcher Dixit Panchal
said in a report published last week.
North Korean spies turn Google's Find Hub into remote-wipe weapon
ScarCruft APT Group Gears Up to Target Cybersecurity Pros
Infected ads used IE leak for 'zero-click' malware infection![[correlate]](/data/avatars/s/79/79653.jpg?1556985072)
The Unintentional Leak: A glimpse into the attack vectors of APT37
North Korean hackers linked to defense sector supply-chain attack