North Korean hackers target South Koreans with malicious Excel add-ins: Report
Expert says ‘highly agile’ ScarCruft threat group seeks to expand attack vectors to get around security measures
A North Korean hacking syndicate has adopted a new technique to attack ROK victims using Microsoft Excel add-ins, according to a U.S.-based cloud security platform, in what one expert called the threat group’s latest effort to expand its vectors for distributing malware.
In a blog post published Tuesday, Zscaler states that it discovered the DPRK threat actor ScarCruft, also known as APT37, uploaded a malicious Excel add-in (XLL) file to software development platform GitHub on March 15.
“We haven’t seen this attack vector used by APT37 before and we believe this to
- 01Timeline: From North Korean satellite launch to Yoon-Kishida summit in Seoul
- 02State media review: North Korea says ‘no reason’ it can’t meet with Japan
- 03North Korea primed for quick rebound after satellite launch failure: Analysis
- 04What to make of conflicting signs about a North Korean border reopening
- 05North Korea hacked an election body. But political interference wasn’t the goal.
- 06Secrecy surrounding North Korea’s upcoming plenum points to big changes afoot
- 07State media review: North Korea provides a front-row seat to anti-Yoon protests
- 08By linking radars, ROK and Japan reduce blind spots around North Korean missiles
- 09Poker face: North Korea tries new strategy in crackdown on ‘bluffing’ and lying
- 10State media review: ‘Little Boy’ spooks North Korea ahead of warm weather season