lazarusholic

Everyday is lazarus.dayβ

ScarCruft

2016-06-17, Kaspersky
Operation Daybreak
"ScarCruft Threat Actor Intelligence Profile"

- Cybergeist, https://cybergeist.io/profile/scarcruft

Also known as

 
Name Named by AKA First seen Last seen
APT-C-28 Qihoo360 ScarCruft 2019-06-01 2026-02-06
APT-Q-3 Qianxin Group123 2022-03-23 2023-07-11
APT37 Mandiant ScarCruft 2018-02-20 2026-05-10
ATK4 ThalesGroup APT37 2019-10-07 2022-05-31
BlackShoggoth PWC APT37 2020-03-03 2021-02-28
ChinopuNK S2W ScarCruft 2025-08-07 2025-08-07
DEV-0215 Microsoft ScarCruft 2022-11-07 2022-11-07
DogpuNK S2W ScarCruft 2025-08-07 2025-08-07
EarthManticore TrendMicro APT37 2025-03-18 2026-04-16
G0067 MITRE APT37 2018-04-18 2018-04-18
Group123 CiscoTalos ScarCruft 2018-01-16 2025-05-14
ITG10 IBM ScarCruft 2021-10-23 2023-06-06
InkySquid Volexity ScarCruft 2021-08-17 2023-01-04
Lawrencium Microsoft DEV-0215 2023-04-18 2023-04-18
MoldyPisces PaloaltoNetworks TEMP.Reaper 2021-09-30 2021-09-30
NickelFoxcroft SecureWorks ScarCruft - 2024-10-08
PearlSleet Microsoft Lawrencium 2023-04-19 2023-04-18
RedEyes Ahnlab ScarCruft 2018-02-21 2024-05-07
RicochetChollima CrowdStrike ScarCruft 2019-02-19 2026-01-28
ScarCruft Kaspersky - 2016-06-17 2026-05-28
SectorA02 NSHC ScarCruft 2020-03-12 2025-04-16
SquidWerewolf BiZone APT37 2025-03-12 2025-03-12
TA-RedAnt Ahnlab RedEyes 2024-10-16 2025-10-20
TEMP.Reaper Mandiant ScarCruft 2018-02-03 2024-04-09
UCID902 InterLab 금성121 2023-04-12 2025-02-10
puNK-006 S2W ScarCruft 2025-08-07 2025-08-07
금성121 ESTSecurity ScarCruft 2018-07-04 2023-09-19

Reports

2026-05-28
ESET
ESET APT Activity Report Q4 2025–Q1 2026
#Andariel #DangerousPassword #DeceptiveDevelopment #DreamJob #Rook #ScarCruft
2026-05-05
ESET
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
#ScarCruft #BirdCall
2026-02-06
S2W
Scarcruft’s ROKRAT Malware: Recent Changes
#RokRAT #ScarCruft
2026-02-03
S2W
스카크러프트 악성코드(Scarcruft ROKRAT): 새로운 유포 방식의 출현
#RokRAT #ScarCruft
2026-01-14
Plainbit
바로가기 악성파일의 구조를 활용한 공격자 프로파일링
#Kimsuky #Konni #LNK #ScarCruft
2025-12-22
FSI
국가배후 해킹조직의 LNK 악성코드 위협 분석 (Campaign Dark Prism)
#DarkPrism #LNK #Whitepaper #Kimsuky #Konni #ScarCruft
2025-08-07
S2W
ScarCruft’s New Language: Whispering in PubNub, Crafting Backdoor in Rust, Striking with Ransomware
#ChinopuNK #DogpuNK #LNK #Ransomware #ScarCruft #puNK-006 #VCD
2025-01-20
lazarusholic
An exploratory analysis of the DPRK cyber threat landscape using publicly available reports
#Andariel #BlueNoroff #Kimsuky #Konni #Lazarus #ScarCruft
2024-12-11
Lookout
Unmasking State-Sponsored Mobile Surveillance Malware from Russia, China, and North Korea
#Mobile #Kimsuky #KoSpy #ScarCruft #Slides
2024-12-11
Lookout
Unmasking State-Sponsored Mobile Surveillance Malware from Russia, China, and North Korea
#Mobile #Slides #Kimsuky #KoSpy #ScarCruft
2024-11-29
S2W
Introduction to the North Korea-backed Scarcruft ROKRAT Malware Cluster
#CloudMensis #RokRAT #ScarCruft
2024-11-08
ESET
ESET APT Activity Report Q2 2024–Q3 2024
#CitrineSleet #Kimsuky #Lazarus #ScarCruft #Trend
2024-06-19
Malspace
North Korean APTs and Russian Rockets
#Podcast #ScarCruft
2024-05-22
errbody
DPRK-Research
#Konni #Kimsuky #ScarCruft #RokRAT
2024-05-15
ESET
ESET APT Activity Report Q4 2023–Q1 2024
#Trend #WebLogTea #Andariel #Kimsuky #Konni #ScarCruft
2024-04-09
SentinelOne
North Korea's ScarCruft gang is behind some very crafty phishin' campaigns
#Podcast #ScarCruft
2024-03-07
UN
S/2024/215 Final report of the Panel of Experts
#CyberLink #JumpCloud #Andariel #Kimsuky #BlueNoroff #ScarCruft #Alphapo #CoinsPaid #Merlin #Steadefi #Fantom #Terraport #UnoRe #HECO #HTX #OrbitBridge #Poloniex #NexusMutual #Indodax #CoinEx #bZx #Qubit #DeFiance #Bondly #Fetchai #MGNR #EasyFi #FinNexus #Eterbase #KuCoin #Cryptopia #AlgoCapital #CoinTiger #BiKi #CoinBene #Gateio #Coinrail #Bancor #Tradeio #CoinSecure #Cypherium #Taylor #Sanctions
2024-02-16
SOCRadar
Threat Actor Profile: ScarCruft / APT37
#ScarCruft
2024-01-22
SentinelOne
ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals
#LNK #ScarCruft #RokRAT
2023-10-17
Kaspersky
APT trends report Q3 2023
#Trend #ScarCruft
2023-10-05
S2W
Into the Cumulus: Scarcruft bolsters arsenal for targeting individual Android devices
#RokRAT #Cumulus #ScarCruft
2023-09-25
Sangfor
将目光对准高校——ScarCruft组织的新活动
#RokRAT #ScarCruft
2023-09-08
Ahnlab
RedEyes (ScarCruft)'s CHM Malware Using the Topic of Fukushima Wastewater Release
#RedEyes #CHM #ScarCruft
2023-09-06
安恒信息
ScarCruft利用福岛核废水排放话题进行攻击活动
#CHM #ScarCruft
2023-09-06
Ahnlab
Distribution of Backdoor via Malicious LNK: RedEyes (ScarCruft)
#RedEyes #LNK #ScarCruft
2023-09-04
Ahnlab
후쿠시마 오염수 방류 내용을 이용한 CHM 악성코드 : RedEyes(ScarCruft)
#RedEyes #CHM #ScarCruft
2023-09-01
Ahnlab
Backdoor를 유포하는 악성 LNK : RedEyes(ScarCruft)
#RedEyes #LNK #ScarCruft
2023-08-30
安恒信息
ScarCruft针对韩国金融、高校下发Chinotto后门的攻击活动分析 - 安恒威胁情报中心
#ScarCruft #Chinotto
2023-08-07
SentinelOne
Comrades in Arms? | North Korea Compromises Sanctioned Russian Missile Engineering Company
#OpenCarrot #ScarCruft
2023-05-09
ESET
ESET APT Activity Report Q4 2022­–Q1 2023
#Trend #Kimsuky #Andariel #ScarCruft
2023-04-27
Kaspersky
APT trends report Q1 2023
#Trend #Andariel #ScarCruft
2023-03-23
S2W
Scarcruft Bolsters Arsenal for targeting individual Android devices
#Mobile #Cumulus #Clugin #ScarCruft
2023-02-14
KRCERT
TTPs $ ScarCruft Tracking Note
#ScarCruft #Chinotto
2023-02-08
KRCERT
ScarCruft 그룹 위협 추적과 Defend Forward
#ScarCruft #Chinotto
2022-12-05
KRCERT
TTPs #9: 개인의 일상을 감시하는 공격전략 분석
#ScarCruft #Chinotto
2022-11-30
ESET
Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin
#ScarCruft #Dolphin
2022-08-12
Kaspersky
ATTRIBUTION AND BIAS: MY TERRIBLE MISTAKES IN THREAT INTELLIGENCE ATTRIBUTION
#AppleJeus #ScarCruft #Slides
2021-11-29
Kaspersky
ScarCruft surveilling North Korean defectors and human rights activists
#ScarCruft #Chinotto
2020-09-02
Kaspersky
Operation PowerFall: CVE-2020-0986 and variants
#ScarCruft #PowerFall #CVE-2020-0986
2019-10-28
Kaspersky
Behind the mask of ScarCruft: Unveiling endeavor of shady actor
#Slides #ScarCruft
2019-05-16
z3r0trust
ScarCruft APT Malware Uses Image Steganography
#ScarCruft #Steganography
2019-05-14
Kaspersky
ScarCruft continues to evolve, introduces Bluetooth harvester
#Steganography #ScarCruft #CVE-2018-8120
2017-08-30
Kaspersky
WALKING IN YOUR ENEMY’S SHADOW: WHEN FOURTH-PARTY COLLECTION BECOMES ATTRIBUTION HELL
#ScarCruft #Daybreak #Erebus
2016-06-17
Kaspersky
Operation Daybreak
#ScarCruft #Daybreak #CVE-2016-1010