Background and context
North Korea-linked threat group APT37, also known as ScarCruft and Reaper, has added fresh malware and delivery components to its arsenal, with new research indicating a focus on reaching systems that are intentionally isolated from the public internet. According to reporting by Infosecurity Magazine, citing Zscaler ThreatLabz, researchers identified five new tools associated with the group, including capabilities relevant to compromising air-gapped environments [1].
That matters because air-gapped networks are not ordinary enterprise segments. They are typically reserved for sensitive government, defense, industrial, research, and critical infrastructure operations where direct internet connectivity is considered too risky. The assumption behind an air gap is simple: if a system cannot talk to the outside world, remote attackers have a much harder time reaching it. History has shown that this assumption is only partly true. Malware can still cross that divide through removable media, transfer stations, supply-chain weaknesses, or users and administrators who move files between connected and isolated systems [1][4].
APT37 has been on defenders’ radar for years. Google-owned Mandiant previously described the group as a North Korea-nexus espionage actor that has targeted South Korea, Japan, Vietnam, the Middle East, and other regions, often using spearphishing, credential theft, and custom malware families such as RokRAT [2]. MITRE ATT&CK also tracks the group’s use of social engineering, persistence mechanisms, and data collection tradecraft across multiple campaigns [3]. The latest findings suggest APT37 is continuing that pattern while investing in tooling for more difficult operational environments.
What Zscaler found
The public summary from Infosecurity Magazine does not list all five newly discovered tools by name, but it says Zscaler ThreatLabz observed an expanded toolkit that can support intrusions into air-gapped networks [1]. Based on the reporting, this does not appear to be a single malware sample or one-off lure. Instead, it points to a broader toolchain: loaders, implants, and transfer-oriented components that can move through intermediary systems and removable media before reaching a protected host.
That distinction is important. Air-gapped compromise rarely works as a one-step attack. It usually involves a staged intrusion chain. An attacker first compromises an internet-connected machine used by a target organization or contractor. From there, malware can monitor for USB insertion, copy itself or a staged payload to removable media, and wait until that device is inserted into an isolated workstation. Once execution occurs inside the restricted environment, a second-stage payload can establish persistence, enumerate files, gather system details, and prepare data for later extraction when media is reconnected to a bridge system [1][4].
In practical terms, defenders should think of this as malware designed for “store-and-forward” operations rather than traditional command-and-control. Instead of issuing live instructions over the network, the malware may queue tasks, collect results locally, and rely on physical movement of storage devices to carry data in or out. This model is slower, but it can be effective against organizations that depend on human workflows to move information between trust zones.
Technical details in plain language
Because the available summary does not include file hashes, registry paths, mutexes, or command-and-control infrastructure, any deep reverse-engineering claims would be premature. Still, the tradecraft described by Zscaler fits a familiar pattern in advanced espionage operations.
First, there is likely a loader or dropper component. Its job is to execute with minimal visibility, verify the environment, and unpack or install the next payload. Second, there is usually a persistence module, which may rely on scheduled tasks, startup entries, services, or side-loading techniques to survive reboots. Third, there are reconnaissance and collection functions: gathering hostnames, user accounts, attached drives, document types, and system configuration data. Finally, there is some method for delayed exfiltration, often by copying encrypted archives or disguised files onto removable media for later pickup [1][3].
Air-gapped malware often includes anti-analysis features as well. Threat actors know these tools may be inspected in sandboxes or malware labs, so they may delay execution, check for debugging artifacts, or require specific environmental triggers before deploying their full capability. If APT37’s new tools follow the group’s historical pattern, they may also blend into user workflows, using decoy documents, benign-looking filenames, or staged execution to reduce suspicion [2][3].
One unanswered question is whether the chain depends on software vulnerabilities or mostly on user action and weak media controls. The current reporting does not cite a specific CVE, and that absence matters. Many high-profile intrusions into isolated environments do not begin with a zero-day at all. They begin with phishing, a compromised contractor system, a trusted file transfer process, or a USB device that is assumed to be safe. In other words, segmentation helps, but it does not replace endpoint security, monitoring, and disciplined operational procedures.
Why air-gapped targeting raises the stakes
Targeting an air-gapped environment usually signals a higher-value objective. Attackers do not spend time building removable-media propagation and offline collection workflows unless they expect the target network to contain information worth the extra effort. That could mean defense planning documents, weapons research, industrial process data, intelligence reporting, or policy material.
For North Korean operators, this aligns with a long record of espionage-driven targeting. APT37 has historically focused on governments, defense organizations, policy experts, and regional strategic interests, especially around the Korean Peninsula [2][3]. If the group is now broadening its toolkit for isolated systems, likely targets include ministries, military contractors, research labs, and industrial operators that maintain restricted enclaves for sensitive projects.
The severity is therefore high, even without named victims. A successful intrusion into an air-gapped network can undermine one of the strongest architectural controls an organization has. It may also remain undetected longer than a conventional breach because defenders often have less telemetry inside isolated environments. Some air-gapped systems are lightly monitored by design, run older software to preserve compatibility, or allow only limited security tooling. That combination can create blind spots that espionage actors exploit.
Impact assessment
Who is affected: The most exposed organizations are those that rely on removable media or transfer stations to move data between connected and isolated systems. That includes government agencies, defense contractors, manufacturers with sensitive production networks, research institutions, and operators of critical systems. Individual employees at risk include administrators, engineers, contractors, and analysts who regularly bridge those environments.
How severe: For ordinary consumers, the immediate risk is low. For organizations with segmented networks, the risk is significant. Air-gapped compromise can lead to long-term espionage, theft of sensitive files, tampering with operational data, and loss of trust in supposedly isolated systems. Even if the malware is “only” collecting documents, the strategic value of those documents can be enormous.
What makes it hard to detect: Traditional network-based detection is less effective when malware is not using direct internet command-and-control. Defenders need host-level visibility, media insertion logging, and forensic review of transfer workflows. If data is staged locally and leaves on a USB drive, perimeter monitoring may never see it.
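Host-level correlation of the kind described above, as an added example that is not part of the Zscaler or Infosecurity reporting: it replays exported Windows Security log records from an isolated workstation and flags the USB-borne staging sequence (external device recognised, a process launched from the removable drive, then a persistence artefact or an archive written under a user profile). The event IDs are the standard ones (6416 new external device, 4688 process creation, 4698 scheduled task created, 7045 service installed, 4663 object access); the export format, the drive letters treated as removable, the 30-minute window and the log lines themselves are assumptions constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass
class Event:
    ts: datetime
    host: str
    event_id: int
    detail: str   # process path, task name, or object name, depending on the event


# Assumptions for this example: removable media mount to these letters on the
# enclave hosts, and records are exported as "timestamp|host|event_id|detail".
REMOVABLE_DRIVES = ("D:\\", "E:\\", "F:\\")
ARCHIVE_EXT = (".zip", ".rar", ".7z", ".cab")
PERSISTENCE_IDS = {4698, 7045}          # scheduled task created, service installed
WINDOW = timedelta(minutes=30)


def parse(line):
    ts, host, eid, detail = line.strip().split("|", 3)
    return Event(datetime.fromisoformat(ts), host, int(eid), detail)


def correlate(lines):
    """Return one alert per device insertion that is followed, on the same host and
    within WINDOW, by execution from removable media and then persistence or staging."""
    events = sorted((parse(l) for l in lines), key=lambda e: e.ts)
    alerts = []
    for anchor in events:
        if anchor.event_id != 6416:      # "A new external device was recognized"
            continue
        launch = persist = staged = None
        for e in events:
            if e.host != anchor.host or not (anchor.ts < e.ts <= anchor.ts + WINDOW):
                continue
            if e.event_id == 4688 and e.detail.upper().startswith(REMOVABLE_DRIVES):
                launch = launch or e                       # executed from the USB drive
            elif launch and e.event_id in PERSISTENCE_IDS:
                persist = persist or e                     # survives reboot
            elif launch and e.event_id == 4663 and e.detail.lower().endswith(ARCHIVE_EXT):
                staged = staged or e                       # data packaged for pickup
        if launch and (persist or staged):
            alerts.append({
                "host": anchor.host,
                "device": anchor.detail,
                "launched": launch.detail,
                "persistence": persist.detail if persist else None,
                "staged_archive": staged.detail if staged else None,
            })
    return alerts


# Constructed sample export: one staged intrusion, one benign insertion, one
# execution from USB with no follow-on activity (not alerted on its own).
SAMPLE_EVENTS = [
    "2024-05-06T09:00:00|ENCLAVE-WS07|6416|USBSTOR\\Disk&Ven_Generic&Prod_Flash",
    "2024-05-06T09:01:10|ENCLAVE-WS07|4688|E:\\Reports\\budget_review.pdf.exe",
    "2024-05-06T09:01:45|ENCLAVE-WS07|4698|\\Microsoft\\Windows\\UpdateCheck",
    "2024-05-06T09:20:03|ENCLAVE-WS07|4663|C:\\Users\\jlee\\AppData\\Local\\Temp\\cache01.zip",
    "2024-05-06T10:15:00|ENCLAVE-WS12|6416|USBSTOR\\Disk&Ven_Kingston&Prod_DataTraveler",
    "2024-05-06T10:16:00|ENCLAVE-WS12|4688|C:\\Program Files\\Adobe\\Acrobat\\Acrobat.exe",
    "2024-05-06T11:00:00|ENCLAVE-WS19|6416|USBSTOR\\Disk&Ven_SanDisk&Prod_Cruzer",
    "2024-05-06T11:02:30|ENCLAVE-WS19|4688|E:\\tools\\putty.exe",
]

if __name__ == "__main__":
    for alert in correlate(SAMPLE_EVENTS):
        print(alert)
```

The correlation requires the process to start from the removable drive and then be followed by persistence or archive creation; execution alone is left for a lower-severity rule, since engineers legitimately run tools from approved media. Logs must be collected from the enclave by an out-of-band route, since the hosts have no network path to a SIEM.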
How to protect yourself
Organizations with isolated networks should review the assumption that “offline” means “safe.” A more realistic model is that the air gap reduces remote attack paths but increases the importance of physical, procedural, and endpoint controls.
1. Lock down removable media. Disable USB storage where possible. Where it is required, use approved devices only, tied to specific users and business processes. Log every insertion event and file transfer. Consider dedicated scanning kiosks before media enters a restricted zone [4].
2. Harden transfer stations. Systems used to move files across trust boundaries should be treated as high-risk assets. Limit software, enforce application allowlisting, and monitor them more aggressively than ordinary workstations. If possible, use one-way transfer controls or formal cross-domain procedures rather than ad hoc copying.
3. Extend endpoint monitoring into isolated environments. Even without internet connectivity, isolated hosts can generate local logs for later collection. Watch for unusual process execution, scheduled task creation, new services, suspicious archive creation, and unexpected access to removable drives.
4. Train the people who bridge the gap. Engineers, administrators, and contractors who move files between environments are a prime target. Security awareness should focus on malicious documents, unexpected file requests, and handling of external media. Human workflow is often the weak point in an air-gap design.
5. Use strong data protection. Sensitive files transferred between zones should be validated, signed where feasible, and protected with modern encryption. That will not stop malware execution by itself, but it can reduce the chance of unauthorized reading or tampering during transit.
6. Segment internally, not just externally. An air-gapped enclave should still have internal separation between user systems, admin systems, and high-value repositories. If one host is compromised through a USB-borne payload, that should not automatically grant access to everything else.
7. Review remote and contractor access paths. Air-gapped environments are often supported by vendors or staff who also work on internet-connected systems. Audit those relationships carefully. A compromised contractor laptop can become the first stepping stone into a restricted network.
8. Protect the connected side too. The chain often begins outside the air gap. Patch internet-facing systems, strengthen email defenses, enforce multifactor authentication, and require a managed VPN or zero-trust remote access path for staff working from untrusted networks, so that the laptop that later bridges into the enclave is not the easiest host to compromise.
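Item 5 (validate and sign files moved between zones) and the transfer-station hardening in item 2 can be combined in a signed transfer manifest. The following is an added example, not code from the reporting or from any vendor product: the sending station digests every file in the bundle and authenticates the digest list with HMAC-SHA256; the receiving kiosk checks the MAC first and then reports any file that was modified, added, or removed in transit. The shared key, the file names and the bundle contents are constructed assumptions; a production deployment would normally use an asymmetric signature so the receiving side holds no signing secret.

```python
import hashlib
import hmac
import json


def _canonical(digests):
    # Deterministic encoding so sender and receiver MAC the same bytes.
    return json.dumps(digests, sort_keys=True, separators=(",", ":")).encode()


def build_manifest(files, key):
    """Sending station: digest every file, then MAC the digest list."""
    digests = {name: hashlib.sha256(data).hexdigest() for name, data in files.items()}
    mac = hmac.new(key, _canonical(digests), hashlib.sha256).hexdigest()
    return json.dumps({"files": digests, "mac": mac}).encode()


def verify_bundle(files, manifest_bytes, key):
    """Receiving kiosk: check the MAC before trusting any digest, then check every file."""
    manifest = json.loads(manifest_bytes)
    listed = manifest.get("files", {})
    expected = hmac.new(key, _canonical(listed), hashlib.sha256).hexdigest()
    mac_valid = hmac.compare_digest(expected, str(manifest.get("mac", "")))
    report = {
        "mac_valid": mac_valid,
        # Files on the media that the sender never declared (the classic USB-borne payload).
        "unlisted": sorted(n for n in files if n not in listed),
        # Declared files that did not arrive.
        "missing": sorted(n for n in listed if n not in files),
        # Declared files whose content changed after signing.
        "modified": sorted(
            n for n in listed
            if n in files and hashlib.sha256(files[n]).hexdigest() != listed[n]
        ),
    }
    report["ok"] = mac_valid and not (report["unlisted"] or report["missing"] or report["modified"])
    return report


def forge_manifest(manifest_bytes, name, data):
    """What an intermediary without the key can do: rewrite a digest to match a swapped
    file. The MAC no longer covers the edited list, so verification fails."""
    manifest = json.loads(manifest_bytes)
    manifest["files"][name] = hashlib.sha256(data).hexdigest()
    return json.dumps(manifest).encode()


# Constructed sample bundle. KEY is a placeholder; a real key comes from the
# organisation's key management, never from the transfer media itself.
KEY = b"transfer-station-demo-key-not-for-use"
SENT = {
    "briefing.docx": b"Q3 threat briefing, draft 4",
    "q3_figures.xlsx": b"cell,value\nA1,42\n",
}
ARRIVED = {
    "briefing.docx": b"Q3 threat briefing, draft 4 (altered on the bridge host)",
    "q3_figures.xlsx": SENT["q3_figures.xlsx"],
    "updater.exe": b"MZ\x90\x00placeholder",
}

if __name__ == "__main__":
    manifest = build_manifest(SENT, KEY)
    print(verify_bundle(SENT, manifest, KEY))
    print(verify_bundle(ARRIVED, manifest, KEY))
    print(verify_bundle(ARRIVED, forge_manifest(manifest, "briefing.docx", ARRIVED["briefing.docx"]), KEY))
```

The manifest must travel with the bundle but be verified before anything on the media is opened, and the kiosk should refuse the whole bundle on any finding rather than importing the files that happened to match.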
The bigger picture
Zscaler’s findings add to a broader pattern: North Korean threat actors continue to refine specialized malware for intelligence collection, and they are willing to invest in the slower, more deliberate methods needed to reach protected environments [1][2]. For defenders, the lesson is not that air gaps are useless. It is that they are only one layer, and one that can be bypassed when removable media, transfer workflows, and trusted intermediaries are not tightly controlled.
APT37’s expanded toolkit is a reminder that state-backed groups do not always need flashy zero-days or noisy destructive attacks to succeed. Sometimes the most effective path into a sensitive network is a patient, staged operation that follows the same route as legitimate work.