The podcast describes ScarCruft as a North Korean state-backed hacking unit focused on espionage against journalists, dissidents, cybersecurity experts, and organizations that report on North Korea. Daily NK, a Seoul-based outlet with defectors on staff and reporting broadcast back into North Korea, is presented as a recurring target because its work reveals information the regime wants suppressed. The attackers used a watering-hole compromise against Daily NK, lying in wait on the outlet’s systems and attempting to exploit readers with outdated browsers rather than causing visible disruption. Volexity is cited as finding that the attackers remained undetected in Daily NK’s network for four months, underscoring ScarCruft’s emphasis on stealthy intelligence collection over noisy destructive activity.