NORTH KOREAN HACKERS DEPLOY ANDROID MALWARE VIA GAME PLATFORM

The malware campaign leverages a game distribution platform to deliver BirdCall, a backdoor that grants attackers remote access to infected devices. By compromising the platform itself rather than targeting users directly, the threat actors significantly expand their reach and credibility. BirdCall previously appeared as a backdoor targeting Windows systems. The Android variant maintains similar functionality, allowing attackers to execute commands, exfiltrate data, and maintain persistent access to compromised devices. APT37 is known for conducting cyberespionage operations targeting government, defense, and financial sectors across multiple countries. The group has historically used supply-chain compromises to distribute malware at scale. Security researchers recommend users verify application sources, keep Android devices updated, and monitor for suspicious permissions requested by installed apps. Organizations should review their supply-chain security practices and implement additional verification layers for third-party software distribution.