APT37 hacks gaming platform to spread new BirdCall Android spyware

📅 5 May 2026 at 09:09 UTC📰 Cyber InsiderView original source ↗

North Korean hackers compromised a gaming platform in a supply-chain attack, using trojanized Windows and Android games to deploy a previously undocumented mobile variant of its BirdCall spyware. Security researchers at ESET detailed the operation in a recent report, describing how the “ScarCruft” APT group, also known as APT37, embedded malware into legitimate game downloads. … The post APT37 hacks gaming platform to spread new BirdCall Android spyware appeared first on CyberInsider.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

ScarCruft (APT37) compromised a gaming platform, sqgame, to spread the new BirdCall Android spyware, targeting individuals connected to the Yanbian region in China. The attack involved supply-chain compromise and exploitation of legitimate game downloads.

⚙️Technical Details

Affected Systems

WindowsAndroid

Attack Vectors

Trojanized Windows updatesTampered with Android game APKsSupply-chain compromise via official website

💥Impact Assessment

Severity: High

Who Is at Risk

Individuals connected to the Yanbian region in China, including government entities and individuals of strategic interest

🛡️Recommended Actions

1Monitor for suspicious game downloads and updates

2Implement robust security controls on Android devices

3Regularly update Windows systems with trusted patches

📦Affected Products

sqgameYanbian-themed games

Read the full article

This is a curated summary. The complete article is available at Cyber Insider.

Read on Cyber Insider ↗

← Back to feed