lazarusholic

Everyday is lazarus.dayβ

AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178)

2024-10-15, Ahnlab
https://asec.ahnlab.com/en/83877/
#CVE-2024-38178 #CodeonToast #RokRAT #TA-RedAnt

Contents

AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178)
AhnLab SEcurity intelligence Center (ASEC) and the National Cyber Security Center (NCSC) have discovered a new zero-day vulnerability in the Microsoft Internet Explorer (IE) browser and have conducted a detailed analysis on attacks that exploit this vulnerability. This post shares the joint analysis report “Operation Code on Toast by TA-RedAnt” which details the findings of the ASEC and NCSC joint analysis and the responses to the threat.
The North Korean threat actor TA-RedAnt (also known as RedEyes, ScarCruft, Group123, APT37, etc.) is behind this operation. They have previously targeted specific individuals such as North Korean defectors and experts in North Korean affairs using hacking emails, Android app package file (.apk), and IE vulnerabilities.
This operation exploited a zero-day vulnerability in IE to utilize a specific toast ad program that is installed alongside various free software.
※ Toast: A type of popup notification …