Distribution of Malicious Excel Files Targeting Companies Amid Black Friday Season
Malicious Excel files are being distributed to companies amid the Black Friday season. The email confirmed today (Nov 25th) is an email reported by the attacked company in Korea. Attached to the email is an Excel file that contains an Excel 4.0 Macro (XLM) macro sheet in the form of
ASEC Weekly Malware Statistics (November 15th, 2021 – November 21st, 2021)
The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from November 15th, 2021 (Monday) to November 21st, 2021 (Sunday). For the main category, downloader ranked top with 31.0%, followed by infostealer with 29.1%,
ASEC Weekly Malware Statistics (November 8th, 2021 – November 14th, 2021)
The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from November 8th, 2021 (Monday) to November 14th, 2021 (Sunday). For the main category, info-stealer ranked top with 41.8%, followed by RAT (Remote Administration
Emails Disguised as ‘Emirates Post’ Being Distributed During the Overseas Direct Purchase Season
The ASEC analysis team has introduced numerous phishing websites disguised as various companies. The team has recently discovered a malicious email disguised as Emirates Post, a transport company, during the overseas direct purchase season. As shown in the figure below, the malicious email states that there is a problem with
North Korea-related Malicious Document Files Using CVE-2021-40444 Vulnerability
The ASEC analysis team has recently discovered the distribution of malicious files that include a new vulnerability CVE-2021-40444 which was revealed by Microsoft in September. It is noteworthy that the confirmed document files are all North Korea-related materials. North Korea-related malicious files have been evolving in new ways since the past. Seeing
ASEC Weekly Malware Statistics (November 1st, 2021 – November 7th, 2021)
The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from November 1st, 2021 (Monday) to November 7th, 2021 (Sunday). For the main category, info-stealer ranked top with 51.8%, followed by Downloader with 22.7%,
Analysis Report of Lazarus Group’s NukeSped Malware
AhnLab Security Emergency response Center (ASEC) reveals an analysis report of Lazarus group’s attacks found from around 2020 until recently. The malware discussed here is known as NukeSped, a backdoor type that can perform various malicious behaviors by receiving commands from the attacker. This report will show the analysis of
Analysis Report on Kimsuky Group’s APT Attacks (AppleSeed, PebbleDash)
This document is an analysis report on types of malware recently utilized by the Kimsuky group. The Kimsuky group is mainly known for launching social engineering attacks such as spear phishing. Judging by the names of the attached files, the group seems to be targeting those working in the fields
ASEC Weekly Malware Statistics (October 25th, 2021 – October 31st, 2021)
The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from October 25th, 2021 (Monday) to October 31st, 2021 (Sunday). For the main category, info-stealer ranked top with 48.3%, followed by RAT (Remote Administration
Malicious Excel File Using Macro Sheets Being Distributed in Korea (2)
The ASEC analysis team has found multiple distributions of malicious excel file that uses macro sheet (Excel 4.0 Macro) via phishing email. The use of macro sheet is a method commonly used by the distributor, and such method was also used in the distribution of malware such as SquirrelWaffle and
