Threat Intelligence Report

Analysis of APT37 Attack Case Disguised as a Think Tank for National Security Strategy in South Korea (Operation. ToyBox Story)

📅 September 8, 2025 📰 www.genians.co.kr 🔍 1 CVE(s) referenced

APT37, a North Korean state-sponsored group, is actively targeting activists with sophisticated spear phishing campaigns that exploit trusted cloud services for fileless RoKRAT malware delivery and command-and-control, evading traditional antivirus detection.

vendor

CVE-2022-41128

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle