The North Korean state-sponsored hacking group APT37, also known as ScarCruft, launched a spear phishing campaign targeting activists focused on North Korean issues. Named “Operation: ToyBox Story” by Genians Security Center (GSC), this campaign exploited legitimate cloud services, primarily Dropbox, as command-and-control (C2) infrastructure to evade detection. The attackers delivered malicious shortcut (LNK) files disguised […]
The post APT37 Hackers Use Weaponized LNK Files and Dropbox for Command-and-Control Operations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform