North Korea-aligned APT group ScarCruft compromises gaming platform in supply‑chain espionage attack, ESET Research finds

BRATISLAVA, Slovakia, May 05, 2026 (GLOBE NEWSWIRE) -- ESET researchers have uncovered a multiplatform supply-chain attack by North Korea-aligned APT group ScarCruft, targeting the Yanbian region in China – home to ethnic Koreans and a crossing point for North Korean refugees and defectors. In the attack, probably ongoing since late 2024, ScarCruft compromised Windows and Android components of a video game platform dedicated to Yanbian-themed games, trojanizing them with a backdoor. The backdoor, named BirdCall by ESET, was originally known to target Windows only; the Android version was later discovered as part of this supply-chain attack.