{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreib4trx6upbjwetqoe2d3hz7uwmt22bil2na5gutndpl7xeif6lwq4",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mjg5vfu4rzj2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreiaror4e6mudi7uocf7jdzjlvbbdjfkxj75rfn2z2wgkirjbzqies4"
    },
    "mimeType": "image/webp",
    "size": 47928
  },
  "path": "/apt37-uses-facebook-telegram-and-a-trojanized-pdf-installer-in-a-new-targeted-intrusion-campaign/",
  "publishedAt": "2026-04-13T17:13:51.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "APT37 uses Facebook, Telegram, and a trojanized PDF installer in a new targeted intrusion campaign",
    "VPN Central"
  ],
  "textContent": "North Korea-linked threat group APT37 has launched a new targeted intrusion campaign that starts on Facebook, shifts to Telegram, and ends with a trojanized PDF installer that quietly compromises the victim. Genians Security Center says the operation relied on trust-building, pretexting, and a tampered Wondershare PDFelement installer to deliver malware without raising immediate suspicion. The […]\n\nThe post APT37 uses Facebook, Telegram, and a trojanized PDF installer in a new targeted intrusion campaign appeared first on VPN Central.",
  "title": "APT37 uses Facebook, Telegram, and a trojanized PDF installer in a new targeted intrusion campaign"
}