North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

ESET researchers discovered a previously undocumented backdoor called Dolphin that was employed by North Korea-linked ScarCruft group (aka APT37, Reaper, and Group123) in attacks aimed at targets in South Korea. #ESETesearch discovered Dolphin, a sophisticated backdoor extending the arsenal of the #ScarCruft APT group. Dolphin has a wide range of spying capabilities and is deployed on selected targets only.https://t.co/M2LmS5bW7w 1/6 — ESET Research (@ESETresearch) November 30, 2022The Dolphin backdoor was used as the final payload of a multistage watering-hole attack in early 2021.