North Korea-linked APT 37 used Zoho WorkDrive and USB malware to breach air-gapped networks in the Ruby Jumper campaign. North Korean group ScarCruft (aka APT37, Reaper, and Group123) deployed new tools in a campaign dubbed Ruby Jumper, using a backdoor that leverages Zoho WorkDrive for C2 and a USB-based implant to breach air-gapped systems. Zscaler ThreatLabz […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/188767/apt/apt37-combines-cloud-storage-and-usb-implants-to-infiltrate-air-gapped-systems.html
