TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Bleeping Computer

ScarCruft hackers push BirdCall Android malware via game platform

Bill Toulas · 1 day ago

ATT&CK techniques detected

3 predictions
T1056.001 Keylogging
100%
“##uft and documented since 2021. the windows version can record keystrokes, take screenshots, steal from the clipboard, exfiltrate files, and execute commands. the campaign identified by eset introduces a previously undocumented version of birdcall developed for android, which wa…”
T1056.001 Keylogging
98%
“scarcruft hackers push birdcall android malware via game platform the north korean hacker group apt37 has been delivering an android version of a backdoor called birdcall in a supply - chain attack through a video game platform. while birdcall is a known backdoor for windows syst…”
T1204.002 Malicious File
98%
“local time - plays a silent mp3 in a loop to prevent the suspension of its process - exfiltrates files from a specified directory eset ’ s analysis shows that the android version of birdcall does not feature all the commands present in the windows version yet. missing capabilitie…”

Summary

The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. [...]