APT37 Uses Internet Explorer Zero-Day to Spread MalwareAPT37 Uses Internet Explorer Zero-Day to Spread Malware
IE is still a vector: South Koreans lured in with references to the deadly Halloween celebration crowd crush in Seoul last October.

North Korean threat group APT37 was able to exploit an Internet Explorer zero-day vulnerability to deploy documents loaded with malware as part of its ongoing campaign targeting users in South Korea, including defectors, journalists, and human rights groups.
Google's Threat Analysis Group (TAG) found the zero-day flaw in the Internet Explorer JScript engine in late October, tracked under CVE-2022-41128, and now reports that Microsoft was responsive and has issued applicable patches.
To lure in potential victims, the malicious documents referenced the deadly crowd crushing incident in Seoul that happened during Halloween celebrations on Oct. 29.
"This incident was widely reported on, and the lure takes advantage of widespread public interest in the accident," the TAG team reported. "This is not not the first time APT37 has used Internet Explorer 0-day exploits to target users."
About the Author
You May Also Like
Uncovering Threats to Your Mainframe & How to Keep Host Access Secure
Feb 13, 2025Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025Where Does Outsourcing Make Sense for Your Organization?
Feb 27, 2025