Security News > 2022 > December > North Korea hits new low by using Seoul Halloween tragedy to exploit Internet Explorer zero-day
North Korea has hit a new low, using the death of over 150 people to exploit a zero-day flaw in Internet Explorer.
South Korea declared a week of national mourning after the incident.
Because Office renders this HTML content using Internet Explorer.
Internet Explorer has of course been deprecated but is still present on many PCs. Quite possibly more PCs in South Korea than elsewhere given some of the nation's government websites relied on legacy Microsoft browser technologies until 2021.
North Korea stands accused of using cyber-ops to steal data, money, and whatever else it can get its hands on.
Far from atypical for North Korea's government, which those of you with a strong stomach can learn about in horrifying detail in this searing United Nations report that details the regime's excesses.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/12/08/north_korea_seoul_tragedy_exploit/
Related news
- Malicious ads exploited Internet Explorer zero day to drop malware (source)
- Feds reach for sliver of crypto-cash nicked by North Korea's notorious Lazarus Group (source)
- Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Officials warn of Russia's tech-for-troops deal with North Korea amid Ukraine conflict (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)