North Korean hacking group ScarCruft has recently used ransomware called VCD in their operations, indicating a potential shift towards financially motivated or disruptive tactics. Researchers link this activity to North Korea’s broader strategy of espionage and revenue generation, involving advanced malware and social engineering. #ScarCruft #ChillyChino
Keypoints
- ScarCruft is a North Korean state-backed hacker group primarily known for cyber-espionage campaigns.
- The group has recently used a new ransomware dubbed VCD, marking a possible shift in operational goals.
- Detailed malware includes LightPeek, FadeStealer, NubSpy, and ChillyChino, with sophisticated C2 techniques like PubNub.
- The hackers employ social engineering tactics, such as phishing campaigns posing as experts or institutions.
- Their activities aim to gather strategic intelligence and generate illicit revenue to support North Korea.
Read More: https://therecord.media/scarcruft-north-korea-hackers-add-ransomware