North Korea exploits Itaewon tragedy for zero-day malware attack: Google
Researchers say ScarCruft used deadly event as lure for phishing campaign targeting Internet Explorer vulnerability
North Korean hackers used the deadly crush in Seoul’s Itaewon district as a lure in a malicious phishing campaign, researchers said Wednesday, seeking to exploit a zero-day vulnerability against computers running Internet Explorer (IE).
According to a blog post from Google’s Threat Analysis Group (TAG), users in South Korea began receiving suspicious rich text format (RTF) documents disguised as a press release about the tragedy on Oct. 31, just two days after more than 150 people lost their lives in the bustling nighttime district.
When opened, the file fetches additional code from the web to
- 01What North Korea’s official budget reveals about its spending priorities in 2024
- 02How North Korean aggression and the Taiwan election complicate China-DPRK ties
- 03Satellite imagery shows Kim Jong Un’s east coast yacht, missile test activities
- 04State media review: North Korean festivals build up to former leader’s birthday
- 05Survey shows markets reign supreme in the daily lives of North Koreans
- 06What to make of North Korea’s apparent interest in naval nuclear propulsion
- 07How North Korean defectors shape the policies of countries where they settle
- 08Slump in life insurance sector points to unreported COVID deaths in North Korea