Hangeul malware using steganography: Red Eyes (ScarCruft)
released on 2023-02-15 @ 03:49:43 PM
The AhnLab Security Emergengy response Center (ASEC) analysis team confirmed in January that the RedEyes attack group (also known as APT37, ScarCruft) was distributing malicious code through the Hangul EPS (Encapsulated PostScript) vulnerability (CVE-2017-8291). did In this report, the latest domestic activities of the RedEyes group are shared.