From thehackernews.com
![North Korea malware attack](https://thehackernews.com/images/-pRUNAry86ks/X_grxIbKNKI/AAAAAAAABbw/Kwa3e10hAfAA7wVYdzPTx3V3K-2btHBdgCLcBGAsYHQ/s728-e1000/malware-attack.jpg)
A North Korean hacking group has been found deploying the RokRat Trojan in a new spear-phishing campaign targeting the South Korean government.
Attributing the attack to APT37 (aka Starcruft, Ricochet Chollima, or Reaper), Malwarebytes said it identified a malicious document last December that, when opened, executes a macro in memory to install the aforementioned remote access tool (RAT).