Security News > 2024 > October > North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
2024-10-16 10:50
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.
News URL
https://thehackernews.com/2024/10/north-korean-scarcruft-exploits-windows.html
Related news
- Malware exploits 5-year-old zero-day to infect end-of-life IP cameras (source)
- North Korean hackers exploit Chrome zero-day to deploy rootkit (source)
- North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit (source)
- APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) (source)
- South Korean hackers exploited WPS Office zero-day to deploy malware (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign (source)
- Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE (source)
- North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams (source)
- Microsoft fixes Windows Smart App Control zero-day exploited since 2018 (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-38178 | Unspecified vulnerability in Microsoft products Scripting Engine Memory Corruption Vulnerability | 7.5 |