IOC pivotioc · domain
jquery[.]services
KP · DPRKAPT37confidence · high
APT37 / InkySquid C2 root. Subdomains ui.jquery.services and storage.jquery.services served BLUELIGHT loader scripts via a strategic web compromise of South Korean news site dailynk.com starting April 2021. Reported by Volexity.
- family
- BLUELIGHT
- first seen
- Mar 31, 2021
- publisher
- Volexity