image credit: Unsplash

North Korean Hackers Use New ‘Chinotto’ Malware to Target Windows, Android Devices

November 30, 2021


Active since at least 2012 and also referred to as APT37, Group123, and Temp.Reaper, ScarCruft is likely backed by the North Korean government and is known for the targeting of defectors, journalists, and government organizations, among others.

The recently observed campaign falls within the same pattern, having a news organization that covers North Korea as its target. Following infection with PowerShell malware, the adversary spied on the victim for months, and even attempted to spear-phish victims’ associates.

Read More on Security Week