1. Forum
  2. tqwNet
  3. TQW GENTECH

  • North Korean hackers target gamers with trojanized platform - her

    From TechnologyDaily@1337:1/100 to All on Wednesday, May 06, 2026 23:30:28
    North Korean hackers target gamers with trojanized platform - here's what to look out for

    Date:
    Wed, 06 May 2026 22:20:00 +0000

    Description:
    Popular game platform was compromised and used to deliver backdoors.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter North Korean APT37 (ScarCruft) gang compromised a Yanbian gaming platform to deliver the BirdCall backdoor
    On Windows, it enabled data theft and command execution; on Android, it exfiltrated contacts, messages, media, and ambient audio The malware is actively maintained, with Android versions still hosted, targeting ethnic Koreans and defectors in China North Korean state-sponsored threat actors are apparently targeting their compatriots living in (or moving through) China with advanced Android backdoors across gaming platforms.

    A report from security researchers ESET claims to have seen an advanced supply-chain attack that probably began in late 2024. The threat actors, most likely ScarCruft (also known as APT37, or Reaper), managed to compromise SQgame, a multi-platform gaming service built specifically for the people of Yanbian. The Yanbian Korean Autonomous Prefecture is an autonomous prefecture in Chinas Jilin Province. It is located near the border with North Korea and Russia, and was established to give administrative autonomy to the large population of ethnic Koreans living there. According to ESET, Yanbian is also a key crossing point for North Korean refugees and defectors, which could be one of the reasons why its being targeted. Article continues below You may like 'Hundreds of thousands of stolen secrets could potentially be
    circulating as a result of these recent attacks': Google says North Korean hackers behind major attack on Axios Microsoft experts warn North Korean attackers are targeting macOS users Chinese hackers hide malware within Windows and Google Drive to hit government targets BirdCall malware "In the attack, probably ongoing since late 2024, ScarCruft compromised Windows and Android components of a video game platform dedicated to Yanbian-themed
    games, trojanizing them with a backdoor," ESET said.

    The backdoor is called BirdCall and, depending on the platform it is
    installed on, can do different things. On Windows, it can grab screenshots, log keystrokes, steal the contents of the clipboard, execute shell commands, and exfiltrate data. All of the stolen info is then uploaded to legitimate cloud services such as Dropbox or pCloud.

    On Android, things are a bit different, allowing ScarCruft to also exfiltrate contact lists, SMS messages, call logs, media files, documents, screenshots, and even ambient audio. So far, the malware was updated seven times, leading researchers to believe it is being actively maintained.

    ESET says that the platform is still hosting malicious games. However, these seem to be limited to the Android platform. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me
    with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. The
    best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/north-korean-hackers-target-gamers-with -trojanized-platform-heres-what-to-look-out-for


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)