<ul><li>North Korean hackers linked to the APT37 group have been using the VeilShell malware in their attacks targeting Southeast Asia.</li><li>The APT37 group, also known as InkySquid, Reaper, RedEyes, Ricochet Chollima, or Ruby Sleet, has connections with North Korea’s Ministry of State Security.</li><li>The SHROUDED#SLEEP campaign by APT37 involves phishing attacks using ZIP files containing malicious LNK files as initial payloads.</li><li>The VeilShell malware allows attackers to gain full control over compromised systems through its extensive RAT features.</li></ul>

Shrouded#Sleep Campaign Detection: North Korean Hackers Linked to the APT37 Group Use New VeilShell Malware Targeting Southeast Asia

Discover more