APT 37 was detected using a zero day in the Internet Explorer application as part of a phishing campaign against South Korean users. APT 37 also used a lure document purporting to analyze the stampede that occurred at Itaewon, a neighborhood in Seoul, on October 29, 2022, to entice users to open the phishing document.
- South Korean organizations and individuals
Suspected state sponsor
- Korea (Democratic People's Republic of)
Type of incident
- Private sector
- Civil society