ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver Malware
2 Articles
ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver Malware
The North Korean-backed advanced persistent threat (APT) group known as ScarCruft has significantly evolved its attack techniques. In a departure from their established methods, the group is now using a sophisticated OLE-based dropper to distribute its signature malware, ROKRAT. This new campaign highlights the group’s ability to abuse legitimate cloud services like pCloud and Yandex […]
ScarCruft Abuses Legitimate Cloud Services for C2 and OLE-based Chain to Drop Malware - Cybernoz - Cybersecurity News
ScarCruft, a prolific North Korean-backed advanced persistent threat (APT) group, has significantly refined its cyberespionage capabilities in a newly identified campaign distributing the ROKRAT malware. This recent activity marks a strategic deviation from their traditional reliance on LNK-based attack chains, pivoting instead to a complex infection method utilizing Object Linking and Embedding (OLE) objects embedded within Hangul Word Processo…
