North Korean-state sponsored hackers, known as ScarCruft, are targeting Bluetooth devices with a new strain of malware. The malware can “identify connected Bluetooth devices, to collect vast amounts of information from its targets,” according to a Kaspersky Lab report released May 13. The malware “that the group created which fingerprints Bluetooth devices using the Windows Bluetooth API,” Kaspersky said. While the ScarCruft hackers previously targeted government entities and companies with links to the Korean peninsula, its latest activity shows signs that the “threat actor is evolving, testing new exploits, developing an interest in data from mobile devices, and showing resourcefulness in adapting legitimate tools and services to its cyberespionage operations.” The new attack begins with “spear-phishing or strategic website compromise – also known as ‘watering-hole’ attacks – using an exploit or other tricks to infect certain visitors,” Kaspersky said.

Read More About
About
Kate Polit
Kate Polit
Kate Polit is MeriTalk's Assistant Copy & Production Editor covering the intersection of government and technology.
Tags