North Korea’s APT37 Uses Facebook to Deploy RokRAT

North Korea’s APT37 uses Facebook as a strategic tool in a recent cyber campaign, according to cybersecurity researchers. Known as ScarCruft, this group engages in social engineering by friending targets on Facebook. They exploit this connection to deploy RokRAT, a potent remote access trojan.

This multi-stage attack showcases the evolving tactics of APT37, as they transform trust-building activities on social media into cyber threats. The hackers initiate contact on Facebook to gain the victim’s confidence before delivering malware. This technique demonstrates the persistent threat posed by cybercriminals who leverage everyday interactions for malicious purposes.

Researchers continue to monitor APT37’s activities closely as they refine their social engineering techniques. As attacks grow more sophisticated, staying informed becomes crucial for potential targets.

For more insights into this cyber campaign and to understand the broader implications, readers are encouraged to visit the complete article at the following link for detailed coverage and expert analysis.

https://thehackernews.com/2026/04/north-koreas-apt37-uses-facebook-social.html