Security News > 2024 > October > North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
2024-10-16 10:50
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.
News URL
https://thehackernews.com/2024/10/north-korean-scarcruft-exploits-windows.html
Related news
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- New Windows Malware Locks Computer in Kiosk Mode (source)
- OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf (source)
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- Malicious ads exploited Internet Explorer zero day to drop malware (source)
- macOS HM Surf vuln might already be under exploit by major malware family (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-13 | CVE-2024-38178 | Unspecified vulnerability in Microsoft products Scripting Engine Memory Corruption Vulnerability | 7.5 |