A North Korea-linked APT group tracked as Andariel Group leveraged an ActiveX zero-day vulnerability in targeted attacks against South Korean entities.
According to a report published by South Korean cyber-security firm AhnLab, the Andariel Group is a division of the dreaded Lazarus APT Group and has already exploited ActiveX vulnerabilities in past attacks.
The attackers exploited at least nine separate ActiveX vulnerabilities, including a new zero-day flaw, in a wave of watering hole attacks aimed at infecting visitors of compromised websites with a backdoor trojan.