“a computer - specific key, " eset said. the android variant of birdcall, distributed as part of the sqgame [. ] net supply chain attack, incorporates a subset of its windows counterpart, while collecting contact lists, sms messages, call logs, media files, documents, screenshots,…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1055.001Dynamic-link Library Injection
75%
“' s more, evidence has emerged that an update package of the windows desktop client delivered a trojanized dll since at least november 2024 and for an unspecified period. the update package is no longer malicious. specifically, the modified dll included a downloader that checks t…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1195.001Compromise Software Dependencies and Development Tools
60%
“a computer - specific key, " eset said. the android variant of birdcall, distributed as part of the sqgame [. ] net supply chain attack, incorporates a subset of its windows counterpart, while collecting contact lists, sms messages, call logs, media files, documents, screenshots,…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1219Remote Access Tools
52%
“' s more, evidence has emerged that an update package of the windows desktop client delivered a trojanized dll since at least november 2024 and for an unspecified period. the update package is no longer malicious. specifically, the modified dll included a downloader that checks t…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1574Hijack Execution Flow
43%
“' s more, evidence has emerged that an update package of the windows desktop client delivered a trojanized dll since at least november 2024 and for an unspecified period. the update package is no longer malicious. specifically, the modified dll included a downloader that checks t…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1204.002Malicious File
43%
“2024, scarcruft compromised windows and android components of a video game platform dedicated to yanbian - themed games, trojanizing them with a backdoor, " the slovakian cybersecurity company said in a report shared with the hacker news ahead of publication. windows versions of …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCallto likely target ethnic Koreans residing in China.
While prior versions of the backdoor have primarily targeted Windows users only, the supply chain attack is assessed to have enabled the