rokrat malware

Malicious Ads Exploited Internet Explorer Zero-Day to Spread RokRAT Malware in ScarCruft Attack

Posted: October 17, 2024

Categories: Malware Alerts, Cyber Attack

Tags: rokrat malware, internet explorer

Author: Npav Lab

In May 2024, North Korean hacking group ScarCruft (APT37) exploited an Internet Explorer zero-day flaw (CVE-2024-39178) to distribute RokRAT malware through malicious toast pop-up ads. This zero-click malware campaign, dubbed "Code on Toast," compromised an advertising server, targeting systems to exfiltrate sensitive data and perform espionage activities. Despite Internet Explorer’s retirement, its components still pose a significant risk as threat actors continue exploiting these vulnerabilities.