{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihjskkcfrtb6hlfhpmddh4lviiv4dnvi3l3zabt4xnkfwxt6wamty",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mjesojzgq5o2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreie755aopaxm7yimieqed4vtip3fx62wskgaxngy3iqlgno5i562u4"
    },
    "mimeType": "image/jpeg",
    "size": 112826
  },
  "path": "/2026/04/north-koreas-apt37-uses-facebook-social.html",
  "publishedAt": "2026-04-13T09:15:00.000Z",
  "site": "https://thehackernews.com",
  "textContent": "The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. \"The threat actor used two Facebook",
  "title": "North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware"
}