Preemptive Defense Measures against Fileless Magniber Ransomware (V3 Behavior Detection)
After the distribution of Magniber recovery tools developed by AhnLab Analysis Team in 2018, Magniber has been transformed into a fileless format, disabling any kind of recovery. For successful file encryption, this fileless Magniber has evolved to bypass behavior detection and perform indiscriminate injection to unspecified processes that have privileges on
BlueCrab: The Successor of GandCrab with Different Execution Method Depending on Use of V3Lite
A newly emerged BlueCrab ransomware is distributed in various ways, similar to GandCrab. Its distribution methods include phishing email with a malicious document attached and phishing utility download page. AhnLab ASEC has been monitoring the distribution code of Javascript disguising as a utility program. When Javascript file(.js) downloaded from the phishing utility
Distribution and Operation of Malware ‘Crypter’ Exploiting Spam Mail
A malicious spam mail attack that distributes malware by attaching document or archive file has been one of the most popular method among the operators. AhnLab ASEC Analysis Team analyzed spam mails received from numbers of customers and confirmed that majority of files downloaded by malicious documents attached to the
