RokRAT Archives • Daily CyberSecurity

The Friend Request from Pyongyang: How APT37 Hijacks Facebook to Deploy RokRAT APT37 RokRAT Social Engineering Phishing

The Friend Request from Pyongyang: How APT37 Hijacks Facebook to Deploy RokRAT

Do Son April 15, 2026

A new investigation has revealed that the notorious state-sponsored threat group APT37 has significantly evolved its tactics,...

Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign

Do Son September 2, 2025

Researchers at Seqrite Lab have uncovered a new spear-phishing operation attributed to APT-37 (ScarCruft / InkySquid /...

APT37 Escalates Cyber-Espionage on South Korea: New RoKRAT Backdoor Uses Stealthy LNK Files & Steganography

Do Son August 4, 2025

The North Korea-linked threat actor APT37, known for its persistent cyberespionage campaigns in South Korea and beyond,...

North Korean APT37’s “ToyBox Story”: Stealthy Attacks Unveiled APT37, RoKRAT

North Korean APT37’s “ToyBox Story”: Stealthy Attacks Unveiled

Do Son May 13, 2025

In a recent expose by Genians Security Center (GSC), North Korean-linked APT group APT37 has once again...

North Korean APT-C-28 Expands Cyber Espionage Campaign

Do Son February 23, 2025

A recent report from 360 Threat Intelligence Center has detailed the persistent cyber espionage activities of APT-C-28...

South Korean CSOs Under Cyberattack: 3-Year Study South Korean Cyberattack

South Korean CSOs Under Cyberattack: 3-Year Study

Do Son February 13, 2025

A three-year study conducted by independent security researcher Ovie (Ovi) has exposed the scale and sophistication of...

Operation “Code on Toast”: A Deep Dive into TA-RedAnt’s Exploitation of Zero-Day Flaw (CVE-2024-38178)

Do Son December 1, 2024

North Korean-linked hacking group TA-RedAnt has been implicated in a sophisticated large-scale cyber attack dubbed “Operation Code...

ScarCruft Strikes: North Korea’s Cyber Espionage Against Media and Experts Unveiled ScarCruft threat actor

ScarCruft Strikes: North Korea’s Cyber Espionage Against Media and Experts Unveiled

Do Son January 22, 2024

In the intricate web of global cyber espionage, the activities of state-sponsored Advanced Persistent Threat (APT) groups...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

RokRAT

Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign

APT37 Escalates Cyber-Espionage on South Korea: New RoKRAT Backdoor Uses Stealthy LNK Files & Steganography

North Korean APT-C-28 Expands Cyber Espionage Campaign

South Korean CSOs Under Cyberattack: 3-Year Study

Operation “Code on Toast”: A Deep Dive into TA-RedAnt’s Exploitation of Zero-Day Flaw (CVE-2024-38178)

ScarCruft Strikes: North Korea’s Cyber Espionage Against Media and Experts Unveiled