ASEC Weekly Malware Statistics (November 29th, 2021 – December 5th, 2021)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from November 29th, 2021 (Monday) to December 5th, 2021 (Sunday). For the main category, downloader ranked top with 31.4%, followed by CoinMiner with 25.6%,

[Alert] Apache Log4j 2 Vulnerability, Update Recommended

The Apache Log4j 2 vulnerability (CVE-2021-44228) was revealed on Twitter and GitHub alongside a PoC on December 10th, 2021. It is a remote code execution (RCE) vulnerability in the Log4j software, in which a log message can include the address of a remote Java object that is then run on the vulnerable server. Alibaba’s cloud

Word File Disguised as a Design Modification Request for Information Theft

The ASEC analysis team has discovered the distribution of a malicious Word file targeting Korean users. The filename is Design Modification Request.doc, and it includes an image that prompts the user to run the macro. Figure 1. Image in the Word file. Figure 2. File information of Design Modification Request.doc

ASEC Weekly Malware Statistics (November 22nd, 2021 – November 28th, 2021)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from November 22nd, 2021 (Monday) to November 28th, 2021 (Sunday). For the main category, downloader ranked top with 31.7%, followed by infostealer with 23.7%,

Lokibot Malware Disguised as National Tax Service Email Being Distributed

The ASEC analysis team has recently discovered that malicious emails disguised as Hometax are consistently being distributed. The sender address used in the email is hometaxadmin@hometax.go[.]kr or hometaxadmin@hometax[.]kr, identical to the case found last year, and the email contains electronic tax invoice related materials. Figure 1. Email that is being

AgentTesla Being Distributed via More Sophisticated Malicious PowerPoint Files

The ASEC analysis team has introduced malicious PowerPoint files that have been continuously distributed since last year. Recently, the team has discovered that various malicious features were added to the script that is run in the malicious PowerPoint file. The method by which the malicious file is run remains the same as

Distribution of Phishing Emails Targeting Korean Research Institutes and Companies

The ASEC analysis team has discovered the distribution of phishing emails that target Korean research institutes and companies in order to steal passwords. The phishing email impersonated an international transport company, asking the user to submit custom information and to open the attachment file, which prompts the user to click the URL. Upon clicking