SlowMist: Hacker group APT37 hides malware in JPEG image files to launch attacks

Author: PANews
Source: PANews
2025/08/04 13:08

PANews reported on August 4th that SlowMist's Chief Information Security Officer 23pds, citing an article from Genians, said the North Korea-linked hacker group APT37 is using malware hidden within JPEG image files to launch attacks. This malware uses a two-stage encrypted shellcode injection method to hinder analysis. The attackers use shortcut files with a .lnk extension and embed Cmd or PowerShell commands within them to execute the attack. Efficient EDR monitoring optimized for detecting anomalous endpoint behavior is now crucial.