#APT37

Hasamba

@hasamba72.bsky.social

1 week ago

Zscaler details APT37’s Ruby Jumper: LNK + PowerShell carve payloads to load RESTLEAF (Zoho WorkDrive C2) → SNAKEDROPPER (installs Ruby) → THUMBSBD/VIRUSTASK; removable media bridge enables delivery of FOOTWINE and BLUELIGHT. #APT37 #malware #airgap https://bit.ly/4aRPdCM

Ahmandonk

@ahmandonk.bsky.social

1 week ago

📰 APT37 Gunakan Malware Baru untuk Menembus Jaringan Air-Gapped

👉 Baca artikel lengkap di sini: ahmandonk.com/2026/03/05/apt37-ruby-ju...

#air-gapped #apt37 #keamananSiber #malware #spionaseSiber

Sakaijjang

@sakaijjang.bsky.social

1 week ago

북한 APT 37 에서 만든 악성코드-EMD 영수증.lnk 오늘은 북한 리퍼(Reaper) 에서 만든 악성코드인 EMD 영수증.lnk 에 대해 글을 적어 보겠습니다.일단 해당 악성코드는 국제법률회사 사이트를 해킹해서 EMD 영수증.pdf 파일 다운로드 해서 미끼를 보여주는 악성코드입니다.파일명:EMD 영수증.lnk사이즈:43 MBMD5:810462c085f90d745de8a253fb883160SHA-1:0e6aae...

북한 APT 37 에서 만든 악성코드-EMD 영수증.lnk
wezard4u.tistory.com/429723
#apt #apt37 #악성코드

CyberMaterial

@cybermaterial.bsky.social

1 week ago

APT37 Hacks Breach Air-Gapped Nets
Read More: buff.ly/5Cw9qUe

#APT37 #NorthKoreaCyber #AirGappedSystems #CyberEspionage #RubyMalware #RemovableMediaAttack #NationStateThreat #ThreatIntel

The New Oil

@thenewoil.org

2 weeks ago

APT37 hackers use new malware to breach air-gapped networks North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

#APT37 hackers use new #malware to breach air-gapped networks

www.bleepingcomputer.com/news/security/apt37-hack...

#NorthKorea #cybersecurity #AirGap

lazarusholic

@lazarusholic.bsky.social

2 weeks ago

"APT37 Adds New Tools For Air-Gapped Networks" published by Zscaler. #APT37, #LNK, #DPRK, #CTI www.zscaler.com/blogs/security-research/...

piggo

@pigondrugs.bsky.social

2 weeks ago

~Zscaler~
DPRK-backed APT37 uses new malware (THUMBSBD, VIRUSTASK) to breach air-gapped networks via removable media.
-
IOCs: philion. store, homeatedke. store, hightkdhe. store
-
#APT37 #AirGap #Malware #ThreatIntel

lazarusholic

@lazarusholic.bsky.social

2 months ago

"2025 북한 연계 APT 공격 분석 회고 (Lazarus · Kimsuky · APT37 · Konni)" published by Logpresso. #APT37, #Kimsuky, #Konni, #Lazarus, #DPRK, #CTI logpresso.com/ko/blog/2026-01-14-2025-...

lazarusholic

@lazarusholic.bsky.social

2 months ago

"Operation Artemis: Analysis of HWP-Based DLL Side Loading Attacks" published by Genians. #APT37, #Artemis, #DPRK, #CTI www.genians.co.kr/en/blog/threat_intellige...

lazarusholic

@lazarusholic.bsky.social

2 months ago

"작전명 아르테미스: HWP 기반 DLL 사이드 로딩 공격 분석" published by Genians. #APT37, #Artemis, #DPRK, #CTI https://www.genians.co.kr/blog/threat_intelligence/dll

Sakaijjang

@sakaijjang.bsky.social

2 months ago

북한 APT 37(Reaper) 2025 북한인권 청년 아카데미 강의 주제 위장한 악성코드 오늘은 북한 APT 37(Reaper) 2025 북한인권 청년 아카데미 강의 주제 위장한 악성코드 ROKRAT 에 대해 알아보겠습니다.ファイル名:2025 북한인권 청년 아카데미 강의 주제.pdf.lnkサイズ:1 MBMD5:ad6273981cb53917cb8bda8e2f2e31a8SHA-1:536d9332e34a2332b1d027fc45b01e0e5419a7...

북한 APT 37(Reaper) 2025 북한인권 청년 아카데미 강의 주제 위장한 악성코드
wezard4u.tistory.com/429674
#apt37 #reaper #보안 #악성코드

lazarusholic

@lazarusholic.bsky.social

3 months ago

"Malops Challenge 8: Reversing APT 37’s RokRaT Loader" published by callyso0414. #APT37, #RokRAT, #DPRK, #CTI medium.com/@callyso0414/malops-chal...

Cosmic Meta Digital

@cosmicmeta.bsky.social

4 months ago

Apt37 Hackers Abuse Google Find Hub In Android Data-wiping Attacks APT37 hackers exploit Google Find Hub for Android data-wiping attacks, targeting South Korean users with advanced malware and social engineering. Learn how the attacks work and best practices to protect against these threats.

Apt37 Hackers Abuse Google Find Hub In Android Data-wiping Attacks How North Korea-Linked APT37 Is Weaponizing Google’s Find Hub Against Android Users In late 2025,.... @cosmicmeta.ai #APT37

https://u2m.io/cakuHkvZ

Ahmandonk

@ahmandonk.bsky.social

4 months ago

📰 Peretas Korea Utara Manfaatkan Google Find Hub untuk Lacak dan Hapus Data Android Korban

👉 Baca artikel lengkap di sini: ahmandonk.com/2025/11/11/apt37-gunakan...

#android #apt37 #cybersecurity #google-find-hub #kakaotalk #konni #north-korea #

Ralf Ladner

@ralf-ladner.bsky.social

6 months ago

APT37 greift Windows-Systeme mit Rust-Backdoor und Python-Loader an

#APT37 #backdoor #Cybersecurity #Cybersicherheit #Fadestealer #Malware #PythonLoader #Rustonotto #SpearPhishing @Zscaler

netzpalaver.de/2025/...

The Daily Tech Feed

@thedailytechfeed.com

6 months ago

North Korean APT37 evolves tactics with Rust and Python-based malware targeting Windows systems. Stay vigilant against spear-phishing and advanced injection techniques. #CyberSecurity #APT37 #Malware Link: thedailytechfeed.com/north-korean...

lazarusholic

@lazarusholic.bsky.social

6 months ago

"APT37: Rust Backdoor & Python Loader" published by Zscaler. #APT37, #Chinotto, #Rustonotto, #DPRK, #CTI www.zscaler.com/blogs/security-research/...

piggo

@pigondrugs.bsky.social

6 months ago

~Zscaler~
North Korean-aligned APT37 is using a new Rust-based backdoor (Rustonotto) and a Python loader to deploy the FadeStealer info-stealer.
-
IOCs: Rustonotto, FadeStealer
-
#APT37 #Malware #Rust #ThreatIntel

The Daily Tech Feed

@thedailytechfeed.com

6 months ago

ScarCruft's Operation HanKook Phantom targets South Korean academics with RokRAT malware via spear-phishing. Stay vigilant! #CyberSecurity #APT37 #RokRAT #Phishing #InfoSec Link: thedailytechfeed.com/scarcrufts-o...

@matricedigitale.bsky.social

6 months ago

APT37 colpisce la Corea del Sud con HanKook Phantom: LNK fileless, RokRAT, esche locali e esfiltrazione cloud stealth.

#apt37 #cloud #CoreadelNord #CoreadelSud #fileless #HanKookPhantom #phishing #RokRAT #ScarCruft
www.matricedigitale.it/2025/09/01/a...

lazarusholic

@lazarusholic.bsky.social

6 months ago

"Operation HanKook Phantom: APT37 Spear-Phishing Campaign" published by Seqrite. #APT37, #LNK, #RokRAT, #DPRK, #CTI www.seqrite.com/blog/operation-hankook-p...

lazarusholic

@lazarusholic.bsky.social

6 months ago

"북한 해킹 단체 APT37(리퍼,Reaper)에서 만든 RokRAT 악성코드-북한이탈 주민의 성공적인 남한정착을 위한 아카데미 운영.lnk(2025.7.21)" published by Sakai. #APT37, #LNK, #RokRAT, #DPRK, #CTI https://wezard4u.tistory.com/429575

Sakaijjang

@sakaijjang.bsky.social

6 months ago

북한 해킹 단체 APT37(리퍼,Reaper)에서 만든 RokRAT 악성코드-북한이탈 주민의 성공적인 남한정착을 위한 아카데미 운영.lnk(2025.7.21) 오늘은 북한 해킹 단체 APT37(리퍼,Reaper)에서 만든 RokRAT 악성코드에 대해 알아보겠습니다. 일단 해당 악성코드는 북한 이탈 주민의 성공적인 남한정착을 위한 아카데미 운영이라는 제목으로 돼 있으며 RokRAT 인 것을 확인할 수가 있으며 해시는 다음과 같습니다.파일명:북한이탈주민의 성공적인 남한정착을 위한 아카데미 운영.lnk사이즈:50 MB...

북한 해킹 단체 APT37(리퍼,Reaper)에서 만든 RokRAT 악성코드-북한이탈 주민의 성공적인 남한정착을 위한 아카데미 운영.lnk(2025.7.21)
wezard4u.tistory.com/429575
#apt37 #리퍼 #reaper #보안

lazarusholic

@lazarusholic.bsky.social

7 months ago

"북한 해킹 단체 APT 37((리퍼,Reaper)에서 만든 RokRAT 악성코드-250615_양곡판매소 운영 현황.hwp(2025,06,18)" published by Sakai. #APT37, #RokRAT, #DPRK, #CTI https://wezard4u.tistory.com/429564

Sakaijjang

@sakaijjang.bsky.social

7 months ago

북한 해킹 단체 APT 37((리퍼,Reaper)에서 만든 RokRAT 악성코드-250615_양곡판매소 운영 현황.hwp(2025,06,18) 오늘은 북한 해킹 단체 APT 37(리퍼, Reaper)에서 만든 RokRAT 악성코드인 250615_양곡판매소 운영 현황.hwp에 대해 알아보겠습니다.양곡 관리법은 2023년 1월 30일 당시 더불어민주당 등 야권 의원 국회 본회의에서 총 165명이 투표에 참여해 찬성 157명, 반대 6명, 무효 2명으로 양곡관리법 개정안에 대한 본회의 부의 요구의 건을...

북한 해킹 단체 APT 37(리퍼,Reaper)에서 만든 RokRAT 악성코드-250615_양곡판매소 운영 현황.hwp(2025,06,18)
wezard4u.tistory.com/429564
#apt37 #Reaper #RokRAT #악성코드

The Daily Tech Feed

@thedailytechfeed.com

7 months ago

North Korea's APT37 group advances cyberattacks by embedding malware in JPEGs and exploiting trusted Windows processes like mspaint.exe. Stay vigilant! #CyberSecurity #APT37 #Malware #Steganography Link: thedailytechfeed.com/apt37s-advan...

lazarusholic

@lazarusholic.bsky.social

7 months ago

"RoKRAT Shellcode and Steganographic Threats: Analysis and EDR Response Strategies" published by Genians. #APT37, #LNK, #RokRAT, #DPRK, #CTI www.genians.co.kr/en/blog/threat_intellige...