Home » News » North Korean hackers lured S. Korean victims with fake Itaewon documents containing malware

North Korean hackers lured S. Korean victims with fake Itaewon documents containing malware

December 09, 2022 By Monica Green
(Image Credit Google)
North Korean hackers are responsible for an Internet Explorer zero-day vulnerability attack, as reported. Google's Threat Analysis Group initially made this information available to the general public. According to sources, the alleged virus is mostly used by North Korean agents to attack South Korean victims. A zero-day vulnerability is a system or device flaw that has been publicly disclosed but has not yet been patched. An exploit that targets a zero-day vulnerability is known as a zero-day exploit. The suspected hackers spread malware using the Explorer zero-day by masking it as a controversial paper. Google's Threat Analysis Group (TAG) identified the vulnerability in late October. It has been established that it was added to malicious documents and used to target people in South Korea. TAG connects this conduct to APT37, a group of actors with support from the North Korean government. These malicious pages were made using the Internet Explorer 0-day vulnerability CVE-2022-41128 in the JScript engine. British Hacker Daniel Kaye Allegedly Ran “The Real Deal” Dark Web Store. TAG claims that APT37 has previously used Internet Explorer 0-day exploits to target victims. The group has previously targeted South Korean users, North Korean defectors, decision-makers, journalists, and advocates for human rights. Also Read: TikTok banned in state-owned devices in South Dakota by governor, posed threat to national security

Hackers Conceal Victims With Fake Itaewon Incident Documents

Through a Microsoft Office document posted to VirusTotal in late October, numerous South Korean users informed TAG about the new threat. This strategy has been used to disseminate IE exploits through Office files since 2017, according to Clement Lecigne and Benoit Sevens of the Google TAG team.  It is not necessary for the victim to use Internet Explorer as its primary browser or to link the exploit with an EPM sandbox escape in order for this vector to deliver IE exploits.

By Monica Green

I am specialised in latest tech and tech discoveries.

Leave a Reply

You must be logged in to post a comment.
Latest News

Walmart's GenAI Search Engine: Challenging Google's Dominance in Retail Search
March 12, 2024

Introducing the MSI Claw Handheld: Your Ultimate Gaming Companion
March 12, 2024

Uber Increases In-App Ads, Prompting Mixed Reactions from Customers
March 12, 2024

Apple's iOS 18: A Leap into the AI Era
March 12, 2024

Google's Regular Pixel 8 Won't Get Gemini Nano AI
March 12, 2024

MacBook Air M3 Makes Amends for M2's Storage Blunder
March 11, 2024

Samsung Unveils the Galaxy M15 5G
March 11, 2024

Elon Musk's xAI to Open-Source Chatbot Grok
March 11, 2024

Contra: Operation Galuga - A Modern Run-and-Gun Classic
March 11, 2024

Musk Confirms X's TV App Arrives This Week
March 11, 2024
RELATED NEWS
Multinational Firm Loses $25M in Elaborate Deepfake Scam Impersonating CEO and CFO

A global business headquartered in Hong Kong has b...

news-extra-space
Cyberattack Strikes Fulton County, Disrupting Trump Prosecution Case

In a surprising turn of events, Fulton County, Geo...

news-extra-space
The FBI has shut down one of the world's largest cybercrime platforms.

Image Credit: The 420 In a global police operat...

news-extra-space
The founder of Cash App, MobileCoin CPO Bob Lee, was killed in San Francisco's Rincon Hill: Report

Image Credit: Yahoo According to his current co...

news-extra-space
Cash App's Bob Lee Case: Police Chief in SF issued statement following the tragic stabbing

Image Credit: DNyuz The day after Cash App inve...

news-extra-space
For many years, these alcohol counseling businesses disclosed patient information to marketers.

Image Credit: iTech Post Online alcohol treatme...

news-extra-space
2
3
4
5
6
7
8
9
10