A Glimpse into Future ScarCruft Campaigns | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals

Executive Summary

• SentinelLabs observed a campaign by ScarCruft, a suspected North Korean APT group, targeting media organizations and high-profile experts in North Korean affairs.


• We recovered malware in the planning and testing phases of Scarcruft’s development cycle, presumably intended for use in future campaigns.


• ScarCruft has been experimenting with new infection chains, including the use of a technical threat research report as a decoy, likely targeting consumers of threat intelligence like cybersecurity professionals.


• ScarCruft remains committed to acquiring strategic intelligence …

apt apt group attackers campaign campaigns cybersecurity cybersecurity professionals development executive experts future high intelligence malware malware analysis media north north korean north korean apt organizations planning professionals profile scarcruft sentinellabs strategic strategic intelligence target targeting testing