Threat Intelligence Report

Operation HanKook Phantom: APT37 Spear-Phishing Campaign

📅 September 3, 2025 📰 www.seqrite.com 🔍 0 CVE(s) referenced

North Korean APT37 is actively targeting South Korean government, academic, and research sectors with sophisticated spear-phishing campaigns that use malicious LNK files, fileless PowerShell execution, and stealthy cloud-based exfiltration to conduct long-term espionage and intelligence theft.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle