#VeilShell

DPRK’s APT37 Targets Cambodia With Khmer, ‘VeilShell’ Backdoor

by

October 3, 2024 at 09:03PM APT37, a North Korean state-sponsored threat actor, has targeted Cambodian organizations with a new campaign called “Shrouded#Sleep.” Through spreading malicious emails related to Cambodian affairs in the Khmer language, APT37 introduces a backdoor called “VeilShell” disguised as shortcut files in an infection routine. This campaign demonstrates sophisticated persistence and stealth … Read more

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

by

October 3, 2024 at 09:45AM Threat actors linked to North Korea have been identified launching a new campaign named SHROUDED#SLEEP targeting Cambodia and other Southeast Asian countries using the VeilShell backdoor and RAT. The group, APT37, is associated with North Korea’s MSS and uses varied tactics for intelligence gathering. The campaign involves sophisticated techniques and … Read more