Infosecurity Magazine
North Korean APT Targets Yanbian Gamers via Trojanized Platform
ATT&CK techniques detected
T1195.001Compromise Software Dependencies and Development Tools
46%
“the researchers traced to a card game called yanbian red ten distributed directly from the sqgame website. a second android title hosted on the same platform, new drawing, was also found to carry the same malicious code. on windows, telemetry showed that an update package for the…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1583.001Domains
39%
“north korean apt targets yanbian gamers via trojanized platform a north korea - aligned espionage group has compromised a regional gaming platform serving ethnic koreans in china. the windows and android software hosted on the site was trojanized with a previously undocumented mo…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1204.002Malicious File
37%
“between october 2024 and june 2025. eset said operators recompiled or repackaged legitimate game apks with malicious code rather than gaining access to source code, modifying androidmanifest. xml to redirect the entry point through the backdoor before launching the original game …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
ESET warns that North Korean hackers compromised a Yanbian gaming site in a supply‑chain attack, trojanizing Windows and Android software to spy on users