"North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware"
The North Korean threat actor "ScarCruft" exploited a Windows security flaw to infect devices with the "RokRAT" malware. The flaw is a memory corruption bug in the Scripting Engine that enables Remote Code Execution (RCE) when using the Edge browser in Internet Explorer Mode. To exploit it, an attacker must convince a user to click on a specially crafted URL to execute the malicious code. This article continues to discuss findings regarding ScarCruft's delivery of RokRAT malware.
THN reports "North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware"
Submitted by grigby1
Submitted by grigby1 CPVI
on