Backdoor (*.chm) Disguised as Document Editing Software and Messenger Application

The ASEC analysis team confirmed that a backdoor malware disguised as document editing software and messenger application used by many Korean users is being distributed in Korea through malicious CHM files. The team recently introduced malicious CHM files distributed in various forms twice in the ASEC blog in March. The malicious files discussed in this post execute additional malicious files via a process that is different from the previous cases. The names of some CHM files that are currently distributed … Continue reading Backdoor (*.chm) Disguised as Document Editing Software and Messenger Application