North Korea exploits Itaewon tragedy for zero-day malware attack: Google
Researchers say ScarCruft used deadly event as lure for phishing campaign targeting Internet Explorer vulnerability
North Korean hackers used the deadly crush in Seoul’s Itaewon district as a lure in a malicious phishing campaign, researchers said Wednesday, seeking to exploit a zero-day vulnerability against computers running Internet Explorer (IE).
According to a blog post from Google’s Threat Analysis Group (TAG), users in South Korea began receiving suspicious rich text format (RTF) documents disguised as a press release about the tragedy on Oct. 31, just two days after more than 150 people lost their lives in the bustling nighttime district.
When opened, the file fetches additional code from the web to
- 01With warhead inspection, Kim Jong Un flaunts confidence in tactical nukes
- 02Why North Korea’s ‘radioactive tsunami’ weapon may just be a bluff
- 03State media review: North Korea calls denuclearization a ‘declaration of war’
- 04Why North Korea and the Philippines view each other with mutual distrust
- 05North Korea’s new silo-based missile raises risk of prompt preemptive strikes
- 06Why normalizing US-North Korea relations is a prerequisite for denuclearization
- 07North Korean planes active at Pyongyang airport hours after runway missile test
- 08North Korea using US-ROK drills as cover to carry out missile tests, experts say