North Korean hackers target South Koreans with malicious Excel add-ins: Report

News

North Korean hackers target South Koreans with malicious Excel add-ins: Report

Expert says ‘highly agile’ ScarCruft threat group seeks to expand attack vectors to get around security measures

Shreyas ReddyMarch 24, 2023

North Korean hackers target South Koreans with malicious Excel add-ins: Report

Microsoft Excel on screen under magnifying glass | Image: Jernej Furman Flickr (CC BY 2.0)

A North Korean hacking syndicate has adopted a new technique to attack ROK victims using Microsoft Excel add-ins, according to a U.S.-based cloud security platform, in what one expert called the threat group’s latest effort to expand its vectors for distributing malware.

In a blog post published Tuesday, Zscaler states that it discovered the DPRK threat actor ScarCruft, also known as APT37, uploaded a malicious Excel add-in (XLL) file to software development platform GitHub on March 15.

“We haven’t seen this attack vector used by APT37 before and we believe this to

01Timeline: From North Korean satellite launch to Yoon-Kishida summit in Seoul
02State media review: North Korea says ‘no reason’ it can’t meet with Japan
03North Korea primed for quick rebound after satellite launch failure: Analysis
04What to make of conflicting signs about a North Korean border reopening
05North Korea hacked an election body. But political interference wasn’t the goal.
06Secrecy surrounding North Korea’s upcoming plenum points to big changes afoot
07State media review: North Korea provides a front-row seat to anti-Yoon protests
08By linking radars, ROK and Japan reduce blind spots around North Korean missiles
09Poker face: North Korea tries new strategy in crackdown on ‘bluffing’ and lying
10State media review: ‘Little Boy’ spooks North Korea ahead of warm weather season

North Korean hackers target South Koreans with malicious Excel add-ins: Report

LATEST ANALYSIS

Similar Articles

About the Author

Shreyas Reddy