ScarCruft surveilling North Korean defectors and human rights activists
SecureList
NOVEMBER 29, 2021
The victim was infected by PowerShell malware and we discovered evidence that the actor had already stolen data from the victim and had been surveilling this victim for several months. Spear-phishing document. After a Facebook conversation, the potential target received a spear-phishing email from the actor. Modified time.
Let's personalize your content