Malware Information

ASEC Weekly Malware Statistics (October 4th, 2021 – October 10th, 2021)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from October 4th, 2021 (Monday) to October 10th, 2021 (Sunday). For the main category, info-stealer ranked top with 68.4%, followed by Downloader with 12.6%, RAT (Remote Administration Tool) malware with 8.6%, Backdoor Downloader with 6.3%, Ransomware with 3.7%, and Banking malware with 0.3%. Top 1 – AgentTesla AgentTesla was ranked first with 23.6%. It is…

Change in Magniber Ransomware Vulnerability (CVE-2021-40444)

Magniber is a fileless ransomware that exploits an IE vulnerability, and it is one of the ransomware strains that cause damage to numerous Korean users. Infection is difficult to prevent unless it is detected and blocked in advance, during the vulnerability occurrence phase, which makes it difficult for anti-malware programs to detect it. Magniber ransomware had been distributed using the CVE-2021-26411 vulnerability from March 15th, 2021 until recently, but on September 16th it was discovered to have switched to the CVE-2021-40444 vulnerability. This…

Makop Ransomware Disguised as Resume Being Distributed in Korea

The ASEC analysis team has recently confirmed that Makop ransomware disguised as a resume is being distributed to Korean users. Makop ransomware is malware that has been continuously modified and distributed since last year. It has been covered in previous ASEC blog posts, and it still takes the form of NSIS (Nullsoft Scriptable Install System). It appears to be disguised as a resume in order to target recruitment managers during companies' recruitment season. Given that this ransomware was distributed…

ASEC Weekly Malware Statistics (September 27th, 2021 – October 3rd, 2021)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from September 27th, 2021 (Monday) to October 3rd, 2021 (Sunday). For the main category, info-stealer ranked top with 63.2%, followed by Downloader with 19.2%, RAT (Remote Administration Tool) malware with 10.7%, Backdoor Downloader with 3.7%, Ransomware with 1.9%, CoinMiner with 1.1%, and Banking malware with 0.2%. Top 1 – AgentTesla AgentTesla tied for first place…

Trend of Phishing Spreading Through Spam Mails

AhnLab collects dozens of phishing spam mails from several clients daily. Phishing spam mails can be divided into two major types. The first type uses a fabricated e-mail from the get-go (e.g. asking the recipient to reply with personal information). The second type includes the address of the phishing website in the body of the e-mail, prompting the user to connect to it, or includes the script file of the phishing website as an attachment. This post will explain the characteristics…