North Korea-linked Andariel APT Group exploited an ActiveX Zero-Day in recent attacks

June 1, 2018

A North Korea-linked APT group tracked as Andariel Group leveraged an ActiveX zero-day vulnerability in targeted attacks against South Korean entities.

According to a report published by South Korean cyber-security firm AhnLab, the Andariel Group is a division of the dreaded Lazarus APT Group and has already exploited ActiveX vulnerabilities in past attacks.

The attackers exploited at least nine separate ActiveX vulnerabilities, including a new zero-day flaw, in a wave of watering hole attacks aimed at infecting visitors of compromised websites with a backdoor trojan.

Read More on Security Affairs