Distribution of Hangul Word Processor (HWP) File with Title of North Korea-related Question
Previously, ASEC analysis team discovered the surge in the distribution of malicious Word files containing North Korea-related materials and shared detailed information about this trend. And today, ASEC analysis team has discovered the distribution of malware disguised as HWP files that contain North Korea-related questions. Judging by the information within
Distribution of Malicious Word Document Disguised as a Military Security Monthly Magazine (April 2021)
On March 29th, ASEC analysis team has introduced malicious word documents containing North Korea related materials. Upon opening the file, it connects to the ‘External URL’ written within XML and downloads additional files. Recently the team has found out that malicious word documents using the mentioned method and disguised as
Analysis of Dridex Malware Distribution Method Armed with Bypass Detection
Dridex, also known as Cridex and Bugat, is a typical info-stealing malware that steals financial information. It is distributed on a massive scale by cybercrime organizations and it mainly uses macros within Microsoft Office Word or Excel document files that are included in spam mails. The most noticeable characteristic of
Malicious Word File Disguised as Compensation Request Form (External Connection + VBA Macro)
With malicious document files being distributed in various document formats such as HWP, DOC, XSLX, and PDF, it is safe to say that such a document-based malware has become a new trend among attackers. In pursuit of this trend, ASEC analysis team has been publishing various articles that contain related information
Malicious Word Documents with External Link of North Korea Related Materials
In the previous, ASEC analysis team has introduced various types of document-based malware. Among them, malicious documents of North Korea related materials were generally produced in HWP file format. You can check the relevant information from previous ASEC blog posts. Today, DOC (Word) documents containing North Korea related materials collected
Caution! Magniber Ransomware Being Distributed in Korea Using CVE-2021-26411 Vulnerability
The distributor of Magniber ransomware has continued to evolve to avoid V3’s detection. It goes without saying that subscribers of ASEC Blog are well aware of the fact that AhnLab has been fighting the developers of Magniber ransomware for a long time, and that the history almost resembles a cat-and-mouse
Malware Being Sneakily Installed in My PC-BeamWinHTTP Malware
The weekly malware statistics which ASEC analysis team uploads every week show that the number of occurrences for a downloader type malware named BeamWinHTTP has been on the rise for the last few weeks. According to the last ASEC weekly malware statistics, BeamWinHTTP malware is one of the top 3
Distribution of Malware via Resume/Copyright-Related Emails (Ransomware, Infostealer)
ASEC analysis team has confirmed the malware under the disguise of a resume is still being distributed. This time, it disguised as resume and copyright-related files. The file that is being recently distributed also takes the form of NSIS (Nullsoft Scriptable Install System) and is being distributed under various filenames
Received Estimate/Purchase Order Email? Take Caution When Opening Them!
With the start of 2021, malicious emails disguised as business emails are being discovered as numerous companies have started their business. Thus, users must remain vigilant when opening email. The discovered attacks used e-mails disguised as business-related content, such as ‘estimate request’ or ‘purchase orders,’ with malicious files attached. Upon
Distribution of Malware Disguised as ‘2021 Ministry of National Defense Work Report Revised’
On January 24, ASEC discovered the distribution of malware disguised as ‘2021 Ministry of National Defense Work Report Revised.’ As shown below, the extension of the distributed malware is *.pif, but it is an executable file just like the EXE extension. Once run, a file that is identical to that
