Introduction to the North Korea-backed Scarcruft ROKRAT Malware Cluster

2024-11-29, S2W
https://www.s2w.inc/en/resource/detail/678
#CloudMensis #RokRAT #ScarCruft

2024.11.28

S2W Threat Intelligence Center releases an analysis report on the North Korea-backed threat group Scarcruft.

The S2W Threat Intelligence Center has published a detailed report analyzing Scarcruft, an Advanced Persistent Threat (APT) group backed by North Korea.

Scarcruft, identified in the recently released Threat Intelligence Report for the Financial Sector Part 4, is one of the 16 profiled APT groups linked to North Korea, China, and Russia. This high-level threat intelligence report offers insights into the malware employed by this group.

✅ Report Title:

Introduction to Scarcruft’s ROKRAT Malware Cluster

✅ Executive Summary:

- Scarcruft, also known as APT37, Red Eyes, Reaper, and Group123, has been active since 2016. Initially, their attacks focused on South Korea, targeting defectors, NGOs, media outlets, and government institutions.
- Recently, their operations have expanded to Japan, Vietnam, Russia, Nepal, and the Middle East.
- Among the malware clusters used by the Scarcruft group, the …