North Korean risk group APT37 was in a position to exploit an Web Explorer zero-day vulnerability to deploy paperwork loaded with malware as a part of its ongoing marketing campaign focusing on customers in South Korea, together with defectors, journalists, and human rights teams.
Google’s Risk Evaluation Group (TAG) discovered the zero-day flaw within the Web Explorer JScript engine in late October, tracked underneath CVE-2022-41128, and now experiences that Microsoft was responsive and has issued relevant patches.
To lure in potential victims, the malicious paperwork referenced the lethal crowd crushing incident in Seoul that occurred throughout Halloween celebrations on Oct. 29.
“This incident was broadly reported on, and the lure takes benefit of widespread public curiosity within the accident,” the TAG staff reported. “This isn’t not the primary time APT37 has used Web Explorer 0-day exploits to focus on customers.”
