North Korean risk group APT37 was capable of exploit an Internet Explorer zero-day vulnerability to deploy paperwork loaded with malware as a part of its ongoing marketing campaign concentrating on customers in South Korea, together with defectors, journalists, and human rights teams.
Google’s Threat Analysis Group (TAG) discovered the zero-day flaw within the Internet Explorer JScript engine in late October, tracked beneath CVE-2022-41128, and now experiences that Microsoft was responsive and has issued relevant patches.
To lure in potential victims, the malicious paperwork referenced the lethal crowd crushing incident in Seoul that occurred throughout Halloween celebrations on Oct. 29.
“This incident was broadly reported on, and the lure takes benefit of widespread public curiosity within the accident,” the TAG group reported. “This will not be not the primary time APT37 has used Internet Explorer 0-day exploits to focus on customers.”