North Korean hacking group weaponized MS Word document in spear phishing attack
APT37 deployed malicious macros in a move that goes beyond a popular South Korean office suite, new report says
SHARE
Image: NK Pro
A hacking group linked to North Korea that focused on South Korean file formats in past attacks started weaponizing Microsoft Word documents, security firm Malwarebytes Labs warned in a report on Wednesday. The researchers identified a malicious macro in a Korean-language Word file purporting to be an invitation that was “likely used to target the government of South Korea,” the report said.
The security company attributed the spear-phishing attack to a group known as APT37, Reaper, ScarCruft or Group 123. The malicious code found in the lure document eventually downloads and installs the Remote Access Trojan RokRat, which