The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT.”The threat actor used two Facebook
First seen on thehackernews.com
Jump to article: thehackernews.com/2026/04/north-koreas-apt37-uses-facebook-social.html
