The ASEC analysis team has discovered distribution of malicious HWP file disguised as “Press Release of 20th Presidential Election Early Voting for Sailors” as the presidential election draws near. The attacker distributed the malicious HWP file on February 28th, and though the team could not get the file in the hand, it appears this file runs a batch file through the internal OLE object to execute powershell according to AhnLab’s ASD (AhnLab Smart Defense) infrastructure log. Filename used in distribution: … Continue reading Malicious HWP File Disguised as Press Release of 20th Presidential Election Early Voting for Sailors Being Distributed
1 Comment