North Korean APT Group ScarCruft Conducts Supply-Chain Attack on Gaming Website Targeting Yanbian Region

ESET reported that a North Korean advanced persistent threat (APT) group compromised a gaming website targeting the Yanbian region, conducting a supply-chain attack by trojanizing Windows and Android software. The attackers distributed malicious versions of legitimate applications to spy on users. The campaign is attributed to the ScarCruft group (also known as APT37), which deployed the "Birdcall" malware. No specific dates, CVE IDs, or technical indicators were disclosed in the report. The impact includes unauthorized surveillance of affected users through infected gaming platforms.