DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks


North Korea-backed APT37 exploited a zero-day vulnerability in Microsoft's Internet Explorer (CVE-2024-38178) to launch "Code-on-Toast" zero-click supply chain attacks on South Korean users. The group compromised a Toast ad program, commonly bundled with free software, which uses IE-based WebView to render ads. Instead of ads, the compromised script delivered data-stealing RokRAT malware without user interaction. Although Microsoft patched the bug in August 2024, IE remains a security risk in legacy applications. APT37's increasingly sophisticated tactics highlight the importance of updating software and avoiding vulnerable development libraries.

Read More


thumb-image

Solutions