ScarCruft APT Trojanizes Gaming Platform in Supply-Chain Attack

APT37 compromised sqgame.net targeting ethnic Koreans in China, deploying BirdCall backdoor through trojanized Windows updates and Android apps while abusing Zoho WorkDrive for command-and-control to exfiltrate contacts, SMS logs, screenshots, and documents from defectors and refugees.