New ScarCruft Supply Chain Attack Hits Gaming Platform With Windows and Android Backdoors

Summary
Why this matters
- A North Korea-aligned threat group known as ScarCruft has been caught running a supply chain attack against a video gaming platform serving ethnic Koreans in China’s Yanbian region.
- The attackers planted backdoors in both Windows and Android versions of the platform’s games, turning a trusted service into a covert espionage tool.
- The campaign has likely been active since late 2024 and is focused on collecting personal data from individuals of interest to the North Korean regime, including refugees and defectors.
ScarCruft did not break into the game’s source code directly. Instead, the group appears to have accessed the platform’s web server and repackaged the original Android game files with malicious code.
Two of the Android games on the sqgame website were trojanized to carry the BirdCall backdoor, while the Windows client was hit through a malicious update package. The iOS version showed no signs of tampering, likely because Apple’s review process made it harder to target.
WeLiveSecurity analysts identified the full scope of this multiplatform supply chain attack, attributing it to ScarCruft with high confidence. The team noted that Android BirdCall was a new tool in the group’s arsenal and provided the first public analysis of the Android variant.
Technique and impact
ESET telemetry confirmed the malicious Windows update had been active since at least November 2024, delivering the first-stage RokRAT backdoor, which then dropped the more capable BirdCall backdoor onto victim machines.
Source profile
Source and editorial details
- Source: Cyber Security News
- Canonical: https://cybersecuritynews.com/new-scarcruft-supply-chain-attack-hits-gaming-platform/
- Source URL: https://cybersecuritynews.com/new-scarcruft-supply-chain-attack-hits-gaming-platform/


