Skip to main content

Russian, North Korean threat actors use Internet Explorer and LinkedIn to cause trouble

Internet Explorer 11 about page
Internet Explorer 11 about page (Image credit: Windows Central)

What you need to know

  • Google released a report detailing how its Threat Analysis Group (TAG) protects users.
  • The report highlights various threats that have been exposed in 2021.
  • Those threats can be found just about everywhere, including Linkedin and Internet Explorer.

Nowhere on the internet is truly safe, and Google's report on recent threats serves to remind users of that fact (via Ars Technica). In the report, which cites numerous cyberattacks, two unlikely foundations for online villainy were listed: LinkedIn and Internet Explorer.

For example, a threat detected on March 19, 2021, by Google's Threat Analysis Group (TAG) involved a Russian actor (likely government-backed, according to TAG) using LinkedIn Messaging to go after western European government officials. If the officials clicked the link in the message, they'd end up at a domain that would hit them with malicious payloads.

Google also outlined what happened with Internet Explorer earlier this year at the hands of North Korean attackers. To quote the report: "Earlier this year, North Korean attackers distributed MHT files embedding an exploit for CVE-2021-26411. These files are automatically opened in Internet Explorer when they are double clicked by the user."

Don't forget that Internet Explorer is entering formal retirement in 2022, meaning it's about as close to obsolete as a still-used browser can get. Yet it was a prime hub for ill-intentioned activity.

And these incidents are the tip of the iceberg. Recently, a Chinese group went after SolarWinds, a company that has suffered its fair share of attacks already this year at the hands of Russians.

Cybercrime is a daily occurrence, and the heightening frequency of large-scale attacks has become more and more apparent over the past few years. The question remains as to what can be done about it, given that detecting the problem is only half the battle.

Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.

1 Comment
  • Nothing will happen... American's will treat this like Covid. Senators will focus on stupid crap and bicker back and forth. Than they will blame it on the sitting Potus and go for a power grab. All the while we will get eaten from the inside out. Its classic mistake that happens regardless of what party is in power. If we were smart we would find the culprits and pay them to do what we obviously cant. Think the movie of catch me if you can. Last, set up a game that involves kids breaking into a site for a reward. Those that break in, start sending them to training and get moving towards a smarter cyber security department that can handle the future.