ScarCruft Compromised Gaming Platform, Expanded BirdCall Backdoor to Android and Windows

Colleagues, note: ScarCruft deployed the BirdCall backdoor by compromising a gaming platform used by ethnic Koreans in the Yanbian area.
- ESET reports a supply‑chain attack on sqgame.net: APKs of two Android games were replaced; a Windows update previously included a trojanized DLL.
- BirdCall is now multi‑platform: it harvests contacts, SMS, calls, files and screenshots, records audio and logs keystrokes; C2 runs over legitimate cloud services.
- Likely active since late 2024, targeting vulnerable communities and activists.
Why it matters: supply chains and mobile APKs are critical entry points.
What are you doing to secure downloads and updates?
#cybersecurity #supplychain #malware #threatintelligence

