A North Korean state-sponsored hacking group is now deploying new malware that targets smartphones and personal computers to steal sensitive information and files. The group is the notorious APT37, also known as Erebus or RedEyes, and its latest threat was first seen circulating in January, right at the start of the year.
Reports claim that this malware can access a device and take it over, and that it centers on mobile devices and Windows-powered computers.
North Korean Hackers Deploy New Malware
According to AhnLab's latest report (via TechRadar), new malware called "M2RAT" was recently circulating via phishing e-mails, deployed by one of the most notorious hacker gangs in the world, APT37.
The group exploited an old EPS vulnerability, CVE-2017-8291, through Hangul, a South Korean word processor program widely used in the country.
The report claims that the hacker group's goal was to lure people into giving up their credentials, which are then used to target sensitive information on the accessed platforms.
One of M2RAT's most distinctive features is that it uses the compromised Windows endpoint to search for portable devices connected to the computer.
APT37, the Notorious Threat Group
APT37 managed to develop this malware, which takes screenshots or records media on the connected smartphone and automatically sends them to the connected PC.
It then converts these files into a RAR-protected file, which it sends to the threat actors for their collection and review. The malware is also capable of deleting this copy to avoid detection.
This hacker group is an active presence on the internet, with the most recent activity linked to APT37 taking place in December 2022.
Threat Actors and Hacks
Malware and other viruses are all around us, and people are no longer safe if they are not careful about which sites or links they visit, as any of them could carry a threat that masks itself. Even apps on the Google Play Store for Android devices are in massive trouble, especially as it was found that 34 programs contain malware and are waiting for victims to download and install them.
There are different malware attacks worldwide; among the most common are phishing scams, ransomware attacks, and the exploitation of zero-day vulnerabilities.
Among the notorious threat actors present in the world are North Korea and Russia, two countries that were previously reported to have state-sponsored groups carrying out their bidding.
Safe internet use and media literacy are the key to avoiding being hacked or having one's mobile devices accessed. People are advised to take care while online to avoid this invasive software.
Still, groups like APT37 are working tirelessly to develop new forms of hacking and new ways of luring people into installing their malware. Other methods may involve something one does daily with their devices.
These state-sponsored hackers are notorious for stealing information, and APT37's latest malware has now been detected by security researchers.