ScarCruft hackers push BirdCall Android malware via game platform
ATT&CK techniques detected
T1056.001 Keylogging
100%
“##uft and documented since 2021. the windows version can record keystrokes, take screenshots, steal from the clipboard, exfiltrate files, and execute commands. the campaign identified by eset introduces a previously undocumented version of birdcall developed for android, which wa…”
T1056.001 Keylogging
98%
“scarcruft hackers push birdcall android malware via game platform the north korean hacker group apt37 has been delivering an android version of a backdoor called birdcall in a supply-chain attack through a video game platform. while birdcall is a known backdoor for windows syst…”
T1204.002 Malicious File
98%
“local time - plays a silent mp3 in a loop to prevent the suspension of its process - exfiltrates files from a specified directory eset’s analysis shows that the android version of birdcall does not feature all the commands present in the windows version yet. missing capabilitie…”
Summary
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. [...]