Continuously Changing Malicious Word Macro Being Distributed – Trend of TA551
The ASEC analysis team has been continuously updating the blog with information on malicious macro files and has been urging users to take caution. This post will introduce a type of word macro file distributed recently by the attack group TA551, showing changes in an average of 1 week. For
Malicious Word Documents Pretending ‘Korea Association for Political and Diplomatic History’ and ‘Policy Advisory Member Profile’ Being Distributed
As shown below, the ASEC analysis team introduced on two occasions that malicious word documents with titles ‘Compensation Claim Form’ and ‘Summer Academic Conference Profile Template’ were being distributed. While monitoring similar attack types, the team found evidence that the creator of the documents distributed new word documents in June
Nitol Malware Being Distributed in Forum Archive
The ASEC analysis team confirmed that malware is being distributed in a forum archive in Korea. The attacker uploaded 4 posts disguised as sharing utility programs that are used to distribute malware. These posts distribute Nitol malware disguised as certain utility programs. The related attacks have been happening since last
Malicious Word Document Disguised as Profile Template File for Summer Academic Conference Being Distributed
In June this year, the ASEC analysis team introduced a malicious word document assumed as a targeted attack. Recently, the team confirmed that malware of the same type is being distributed with new content. It was distributed through mails with the sender impersonating an admin of a summer academic conference
Info-Stealer Malware Disguised as Illegal Pornography Being Distributed via Discord
The ASEC analysis team recently found an info-stealing malware that is being distributed via Discord messenger. The malware which is spread through Discord uses the Discord API to send the stolen information to the attacker. FYI, the Discord type method was introduced in the ASEC blog before. https://asec.ahnlab.com/en/19343/ The Discord
Attacker Distributing Malicious Word Document Written as Compensation Claim Form
A malicious word document file written as ‘compensation claim form’ is being distributed again. This is speculated to be a targeted APT attack. The exact malware that used the identical document format was also discovered back in March, and the ASEC team published a post that analyzes the malware in
CryptBot Info-stealer Malware Being Distributed in Different Forms
CryptBot is an info-stealer malware distributed through malicious sites disguised as utility program downloading pages. When searching keywords such as names of certain programs, cracks, and serial numbers, the related distribution sites are exposed at the top of the search results page. Upon connecting to the page and clicking the
njRAT Being Distributed through Webhards and Torrents
njRAT is a RAT malware that can perform various malicious activities after receiving commands from the attacker. Because it provides various features such as file downloading, command execution, keylogging, and user account information extortion, it has been steadily used by attackers since the past. Also, since one can easily find
Caution! Malicious Excel Macros Being Distributed Indiscriminately Through Emails!
The ASEC analysis team discovered that excel files containing the same type of malicious macros are being distributed indiscriminately through emails. Such excel files contain macros that additionally download malware. Recently, it was found that reply mails targeting random people were added with threatening text and malicious excel macro files.
More Companies being Targeted by Ransomware! Cases of Ransomware Attacks Against Company Systems
The number of cyberattacks targeting companies is increasing day by day. Just this May, the United States’ largest private pipeline company was attacked by ransomware, resulting in the shutdown of the entire pipeline facility. A well-known domestic delivery platform company also suffered from a ransomware attack, affecting hundreds and thousands
