Researchers claim that the North Korean hacker group ScarCruft is using new malware named RokRat.
The malware is targeting organizations in Southeast Asia.
RokRat is a remote access trojan that allows attackers to take control of infected systems and steal data.
- The malware is distributed through spear-phishing emails that breach targets by having the victims click on malicious attachments or links.
- Researchers believe that ScarCruft is part of a larger cyber espionage campaign being carried out by North Korea, which is targeting organizations in Southeast Asia as part of its ongoing efforts to circumvent international sanctions.
ScarCruft has previously been linked to a number of high-profile cyber attacks, including stealing classified military data from South Korea in 2016.
