MEDIUMApt
Global

North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware

·Source: The Record

Updated:

Executive Summary

Researchers at cybersecurity firm ESET attributed the campaign to APT37 and said the hackers used a backdoor attached to a suite of card games from a company called Sqgame.

Analysis

Researchers at cybersecurity firm ESET attributed the campaign to APT37 and said the hackers used a backdoor attached to a suite of card games from a company called Sqgame.
Source Attribution

Originally published by The Record on May 7, 2026.

Related Threats

MEDIUMApt

Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access

The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that's engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA), is assessed to be affiliated with Center 16 of Russia's Federal Security Service (FSB)

The Hacker News
MEDIUMApt

Mustang Panda Linked to New Modular FDMTP Backdoor

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/mustang-panda-linked-to-new-modular-fdmtp-backdoor-image_small-10-a-31696.jpg" align=right hspace=4><b>Researchers Say Nation-State Actors Are Evolving Persistence Techniques</b><br>An apparent Chinese nation-state hacking group gussied up its tooling with new modular functionality, say security researchers who observed a cyberesp

Bank Info Security
MEDIUMApt

Mustang Panda Linked to Updated FDMTP Backdoor in Asia-Pacific Espionage Campaign

Mustang Panda campaign deploys updated FDMTP backdoor against Asia-Pacific and Japan networks

Infosecurity Magazine