The APT37 hacker group from North Korea uses new malware against phones and Windows PCs to access files


A new malware is currently being used by a North Korean state-sponsored hacking outfit to target smartphones and personal computers to steal confidential data and files.

This dangerous organisation, also known as Erebus or RedEyes, is APT37, and their most recent threat has been making the rounds since January.

According to reports, this malware targets Windows-based computers and mobile devices and is capable of accessing and gaining control of them.

The group exploited an EPS vulnerability, CVE-2017-8291, in Hangul, a well-known South Korean word processing program.

[Image: North Korea's APT37 Hacker Group Deploys New Malware Against Phones, Windows PC to Access Files. Image credit: Tech Times]

According to the article, the hacker organization wanted to trick victims into disclosing their login information so they could then target sensitive data on accessed sites.

One of M2RAT's most recognisable features is its ability to use the infected Windows endpoint to look for portable devices connected to the computer.

This malware, created by the notorious threat group APT37, grabs screenshots or records media on the targeted smartphone and immediately delivers them to the connected PC.

These files are then packed into a RAR-protected file, which is sent to the threat actors for collection and analysis. To prevent detection, the malware is also capable of erasing this copy.

This hacking group is a persistent force on the internet, with the most recent APT37-related action occurring in December 2022.

[Image: APT37 targets journalists with Chinotto multi-platform malware. Image credit: BleepingComputer]

We are constantly exposed to malware and other viruses, and people are no longer safe if they do not exercise caution when selecting which websites or links to click on. It has been discovered that 34 programs include malware and are waiting for their victims to download and install them. As a result, even apps on the Google Play Store for Android devices are in serious peril.


Malware attacks come in many forms, with ransomware, phishing scams, and the exploitation of zero-day vulnerabilities being among the most prevalent worldwide.

North Korea and Russia are two well-known nations that have historically been said to have state-sponsored organizations that carry out their will for them. They are among the notable threat actors currently active in the world.


By Raulf Hernes
