Alias Description | Votes |
---|---|
APT37 is a possible alias for ScarCruft. APT37, also known as RedAnt, RedEyes, ScarCruft, and Group123, is a threat actor suspected to be backed by North Korea. It has been active since at least 2012, primarily targeting South Korea across various industry verticals such as chemicals, electronics, manufacturing, aerospace, automotive, and | 8 |
Reaper is a possible alias for ScarCruft. Reaper, also known as APT37, Inky Squid, RedEyes, or ScarCruft, is a threat actor group attributed to North Korea. It deploys ROKRAT, a malicious tool that has been used in cyber exploitation since the 1970s. This group is also tied to the NOKKI malware family, which originated from research surroun | 6 |
Group123 is a possible alias for ScarCruft. Group123, also known as APT37, RedAnt, RedEyes, ScarCruft, Inky Squid, and Reaper, is a threat actor group associated with North Korea. This group has demonstrated a variety of technical capabilities in their intrusions, primarily targeting government entities. Mandiant Threat Intelligence and AhnLa | 3 |
RedEyes is a possible alias for ScarCruft. RedEyes, also known as APT37, TA-RedAnt, Reaper, ScarCruft, Group123, InkSquid, BadRAT, and Ricochet Chollima, is a North Korea-linked threat actor known for its malicious cyber activities. It recently exploited an Internet Explorer zero-day vulnerability (CVE-2024-38178 with a CVSS score of 7.5) in | 2 |

Malware Description | Association Type | Votes |
---|---|---|
The ROKRAT Malware is associated with ScarCruft. RokRAT is a form of malware that has been utilized in cyber-espionage campaigns primarily targeting South Korean entities. It is typically delivered via phishing emails containing ZIP file attachments, which contain LNK files disguised as Word documents. When the LNK file is activated, a PowerShell | Unspecified | 5 |
The OpenCarrot Malware is associated with ScarCruft. OpenCarrot is malicious software (malware) that targets Windows operating systems, enabling unauthorized access and control over infected machines. Identified by IBM X-Force, it has been linked to the activities of the Lazarus Group, a North Korean cyber threat operation known for its sophisticated | Unspecified | 2 |
The BLUELIGHT Malware is associated with ScarCruft. The BLUELIGHT malware, first observed in early 2021, was used as the final payload in a multistage attack. This attack involved a watering-hole assault on a South Korean online newspaper, an Internet Explorer exploit, and another ScarCruft backdoor. The attack process included multiple components li | Unspecified | 2 |

Threat Actor Description | Association Type | Votes |
---|---|---|
The Kimsuky Threat Actor is associated with ScarCruft. Kimsuky is a threat actor group linked to North Korea, known for its malicious cyber activities with a particular focus on espionage. The group has been observed employing a variety of sophisticated tactics and techniques, including the use of malware such as TOGREASE, GREASE, and RandomQuery, which | Unspecified | 2 |
The Lazarus Group Threat Actor is associated with ScarCruft. The Lazarus Group, a notorious threat actor attributed to North Korea, is renowned for its malicious activities aimed at furthering the country's objectives. This group has been implicated in several high-profile cyber-attacks, including an attack in Spain known as Operation DreamJob. The exploitati | Unspecified | 2 |
The BlueNoroff Threat Actor is associated with ScarCruft. BlueNoroff, a threat actor group linked to North Korea, has been identified as the malicious entity behind several high-profile cyber-attacks. Since first making headlines with an attack on Sony Pictures in 2014, BlueNoroff and its parent group Lazarus have been involved in numerous notorious securi | Unspecified | 2 |

Vulnerability Description | Association Type | Votes |
---|---|---|
The vulnerability CVE-2018-4878 is associated with ScarCruft. | Unspecified | 2 |