Security News > 2021 > February > Hacking group also used an IE zero-day against security researchers
An Internet Explorer zero-day vulnerability has been discovered that was used in recent North Korean attacks against security and vulnerability researchers.
Last month, Google disclosed that the North Korean state-sponsored hacking group known as Lazarus was conducting social engineering attacks against security researchers.
To perform their attacks, the threat actors created elaborate online 'security researcher' personas that would then use social media to contact well-known security researchers to collaborate on vulnerability and exploit development.
Today, South Korean cybersecurity firm ENKI reported that Lazarus targeted security researchers on their team with MHTML files in this social engineering campaign.
The MHT file sent to ENKI researchers contained what was allegedly a Chrome 85 RCE exploit and was named 'Chrome 85 RCE Full Exploit Code.mht'.
Acros CEO and 0patch co-founder Mitja Kolsek told BleepingComputer that he was able to reproduce the Internet Explorer zero-day PoC reported by ENKI. Based on tweets from other security researchers, ENKI told BleepingComputer that they believe other researchers know of this IE 11 zero-day.