"Analysis of APT37 Attack Case Disguised as a Think Tank for National Security Strategy in South Korea (Operation. ToyBox Story)" published by Genians.
#APT37 #LNK #ToyBoxStory #RokRAT #DPRK #CTI
https://www.genians.co.kr/en/blog/threat_intelligence/toybox-story
APT37 used Dropbox to spread ZIP files with malicious LNK files that filelessly executed RoKRAT and triggered extra malware with the keyword ‘toy’.