North Korea exploits Itaewon tragedy for zero-day malware attack: Google



News North Korea exploits Itaewon tragedy for zero-day malware attack: Google Researchers say ScarCruft used deadly event as lure for phishing campaign targeting Internet Explorer vulnerability Ethan Jewell December 8, 2022 SHARE COPY LINK FACEBOOK X LINKEDIN MASTODON Overcrowding in the streets of Seoul's Itaewon district the night of the crush, Oct. 29, 2022 \| Image: Watchers Club (CC BY 3.0) North Korean hackers used the deadly crush in Seoul’s Itaewon district as a lure in a malicious phishing campaign, researchers said Wednesday, seeking to exploit a zero-day vulnerability against computers running Internet Explorer (IE). According to a blog post from Google’s Threat Analysis Group (TAG), users in South Korea began receiving suspicious rich text format (RTF) documents disguised as a press release about the tragedy on Oct. 31, just two days after more than 150 people lost their lives in the bustling nighttime district. When opened, the file fetches additional code from the web to Read More © Korea Risk Group. All rights reserved. No part of this content may be reproduced, distributed, or used for commercial purposes without prior written permission from Korea Risk Group. LATEST ANALYSIS 01How China could benefit from North Korea’s troop deployment to Ukraine 02New North Korean ICBM delivers big political message, and likely bigger payloads 03How North Korea-Russia ties will challenge next US president, no matter who wins 04What to make of the stunning collapse in value of North Korean won 05What to know about Kim Yong Bok, the man leading North Korean troops in Russia 06If Trump: How erratic leader’s reelection could scramble North Korea policy 07North Korea’s admission of drone incursion exposes glaring gaps in air defenses 08The war in Ukraine is transforming how Europe perceives North Korean threats

News

North Korea exploits Itaewon tragedy for zero-day malware attack: Google

Researchers say ScarCruft used deadly event as lure for phishing campaign targeting Internet Explorer vulnerability

Ethan Jewell December 8, 2022

North Korea exploits Itaewon tragedy for zero-day malware attack: Google

Overcrowding in the streets of Seoul's Itaewon district the night of the crush, Oct. 29, 2022 | Image: Watchers Club (CC BY 3.0)

North Korean hackers used the deadly crush in Seoul’s Itaewon district as a lure in a malicious phishing campaign, researchers said Wednesday, seeking to exploit a zero-day vulnerability against computers running Internet Explorer (IE).

According to a blog post from Google’s Threat Analysis Group (TAG), users in South Korea began receiving suspicious rich text format (RTF) documents disguised as a press release about the tragedy on Oct. 31, just two days after more than 150 people lost their lives in the bustling nighttime district.

When opened, the file fetches additional code from the web to

01How China could benefit from North Korea’s troop deployment to Ukraine
02New North Korean ICBM delivers big political message, and likely bigger payloads
03How North Korea-Russia ties will challenge next US president, no matter who wins
04What to make of the stunning collapse in value of North Korean won
05What to know about Kim Yong Bok, the man leading North Korean troops in Russia
06If Trump: How erratic leader’s reelection could scramble North Korea policy
07North Korea’s admission of drone incursion exposes glaring gaps in air defenses
08The war in Ukraine is transforming how Europe perceives North Korean threats

North Korea exploits Itaewon tragedy for zero-day malware attack: Google

LATEST ANALYSIS

Similar Articles

About the Author

Ethan Jewell