Korean online ad agency

APT37, a North Korea-linked cyber espionage group, launched a zero-day supply chain attack exploiting a vulnerability in Internet Explorer identified as CVE-2024-38178. They compromised a Korean online advertising agency which used an outdated IE-based WebView for ad content rendering. The agency's ad server was injected with malicious code, enabling APT37 to execute a zero-click attack on user systems through malicious ads, causing them to download malware without user interaction. The attack potentially allowed remote code execution and data exfiltration, causing significant security concerns for the affected company and its clients.

Source: https://securityaffairs.com/169983/apt/north-korea-apt37-ie-zero-day.html

"id": "jel000102124",
"linkid": "jellyfishglobal",
"type": "Vulnerability",
"date": "10/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"