APT37 Uses Internet Explorer Zero-Day to Spread Malware

Published: 23/11/2024   Category: security




IE is still a vector: South Koreans lured in with references to the deadly Halloween celebration crowd crush in Seoul last October.



North Korean threat group APT37 was able to exploit an Internet Explorer zero-day vulnerability to deploy documents loaded with malware as part of its ongoing campaign targeting users in South Korea, including defectors, journalists, and human rights groups.
Google's Threat Analysis Group (TAG) found the zero-day flaw, tracked as CVE-2022-41128, in the Internet Explorer JScript engine in late October, and now reports that Microsoft was responsive and has issued applicable patches.
To lure in potential victims, the malicious documents referenced the deadly crowd crushing incident in Seoul that happened during Halloween celebrations on Oct. 29.
"This incident was widely reported on, and the lure takes advantage of widespread public interest in the accident," the TAG team reported. "This is not the first time APT37 has used Internet Explorer 0-day exploits to target users."
