The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks.
The campaign, codenamed Ruby Jumper by Zscaler ThreatLabz, involves the deployment of malware The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks.
The campaign, codenamed Ruby Jumper by Zscaler ThreatLabz, involves the deployment of malware The Hacker News
