Ever feel comfortable on your computer and then hear about a new virus? Sound familiar? Well, that is happening now. A hacker group labelled as APT37, associated with North Korea, has made new malware using Rust and Python, primarily targeting Windows systems.
• Rust malware is harder for antivirus to detect.
• Python malware is very flexible and customizable.
• Together they create a strong and inconspicuous combo.
This is similar to moving from an old lockpick to simply a master key that opens nearly anything.
• Targets Windows PCs.
• Spread via phishing emails and fake files.
• Gathers things like passwords, files, and system data.
Let’s face it – we’ve all received those fake “delivery failed” and “click here for details” emails. That’s how they lure people.
Think of it like exchanging an old car for a sports car—it's the same trip, except faster and harder to stop.
A few caveats to remember to keep yourself safe:
• Do not click on weird links in your emails!
• Keep Windows and your anti-virus updated!
• Where possible, use two-step login (MFA)!
Who is APT37?
APT37, otherwise known as Reaper, has been around for a while. APT37 typically target governments, activists and particular industries, such as defense, energy, etc. They are not just a typical hacker group, they are a sophisticated and capable adversary.What is different this time?
Historically, APT37 utilized older toolsets. However, this time they are using Rust and Python malware. Why is this alarming?• Rust malware is harder for antivirus to detect.
• Python malware is very flexible and customizable.
• Together they create a strong and inconspicuous combo.
This is similar to moving from an old lockpick to simply a master key that opens nearly anything.
How is it transmitted?
• Malware• Targets Windows PCs.
• Spread via phishing emails and fake files.
• Gathers things like passwords, files, and system data.
Let’s face it – we’ve all received those fake “delivery failed” and “click here for details” emails. That’s how they lure people.
Why Python and Rust?
Hackers appreciate having easy to adopt and powerful tools. Rust is faster and more secure. Python is simple and versatile. Together, APT37 can move quickly and conceal itself better.Think of it like exchanging an old car for a sports car—it's the same trip, except faster and harder to stop.
Are you worried?
If you're not a targeted entity, you are probably safe! However, here's the downside: as soon as a hacker develops a new trick, other hackers will copy them! So we all need to be cautious!A few caveats to remember to keep yourself safe:
• Do not click on weird links in your emails!
• Keep Windows and your anti-virus updated!
• Where possible, use two-step login (MFA)!
