{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihvy6ogh2jrpkm4cwehxogiuff2i2fiwbb2stal7pwdltrexlmgxq",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mg27nu65fyv2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreigdizpuuxogm2ezoprraa7wxhprrntph7nrc53dgipbjkwhjmzvc4"
    },
    "mimeType": "image/jpeg",
    "size": 151635
  },
  "path": "/north-korean-apt37-ruby-jumper-campaign-targets-air-gapped-systems/",
  "publishedAt": "2026-03-01T09:37:49.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "North Korean APT37 Ruby Jumper Campaign Targets Air-Gapped Systems",
    "VPN Central"
  ],
  "textContent": "North Korean APT37 (ScarCruft, Ruby Sleet) deployed Ruby Jumper malware to infect air-gapped networks. The campaign uses five new tools: RESTLEAF, SNAKEDROPPER, THUMBSBD, VIRUSTASK, and FOOTWINE. Attackers bridge internet-connected and isolated systems through USB drives. Zscaler ThreatLabz uncovered the operation targeting Arabic-speaking users. Malicious LNK files disguised as Palestine-Israel conflict documents start infections. RESTLEAF downloads […]\n\nThe post North Korean APT37 Ruby Jumper Campaign Targets Air-Gapped Systems appeared first on VPN Central.",
  "title": "North Korean APT37 Ruby Jumper Campaign Targets Air-Gapped Systems"
}