I Don’t Want to Receive Any Unnecessary Information!

According to Section 50 of the ACT ON PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION AND INFORMATION PROTECTION, anyone who wishes to send promotional information for commercial purposes via electronic transmission media must receive explicit consent of the receiver in advance. Spam refers to promotional information sent or posted for commercial purposes through communications networks although it is unwanted by the user. This post will present the analysis of a program that sends messages automatically on a particular web portal….

Case of Attack Exploiting AnyDesk Remote Tool (Cobalt Strike and Meterpreter)

MS-SQL servers are mainly the attack targets for Windows systems. Attackers scan vulnerable MS-SQL servers that are poorly managed and install malware upon gaining control. Malware strains installed by attackers include CoinMiner, ransomware, backdoor, etc., and may vary depending on the purpose of the attack. Most backdoor strains are remote control types such as Remcos RAT and Gh0st RAT, but there are also infiltration testing tools used to dominate companies’ internal systems such as Cobalt Strike and Meterpreter. The attack…

ASEC Weekly Malware Statistics (June 20th, 2022 – June 26th, 2022)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from June 20th, 2022 (Monday) to June 26th, 2022 (Sunday). For the main category, info-stealer ranked top with 53.8%, followed by downloader with 25.1%, backdoor with 14.8%, banking malware with 4.9%, and ransomware with 1.3%. Top 1 – AgentTesla AgentTesla is an infostealer that ranked first place with 25.6%. It is an info-stealer that…

ASEC Weekly Malware Statistics (June 13th, 2022 – June 19th, 2022)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from June 13th, 2022 (Monday) to June 19th, 2022 (Sunday). For the main category, info-stealer ranked top with 63.8%, followed by backdoor with 17.8%, downloader with 8.9%, banking malware with 7.5%, and ransomware with 1.9%. Top 1 – AgentTesla AgentTesla is an infostealer that ranked first place with 29.1%. It is an info-stealer that…

New Info-stealer Disguised as Crack Being Distributed

The ASEC analysis team has previously uploaded posts about various malware types that are being distributed by disguising themselves as software cracks and installers. CryptBot, RedLine, and Vidar are major example cases. Recently, a single malware type of RedLine has disappeared (it is still being distributed as a dropper type) and a new infostealer malware is being actively distributed instead. Its distribution became in full swing starting from May 20th, globally categorized as “Recordbreaker Stealer.” Some analyses see it as…