Various Types of Threats Disguised as Software Download Being Distributed

Across multiple posts, the ASEC analysis team has covered CryptBot, which users encounter when searching for keywords such as cracks and serials of commercial software, and has urged users to take caution. CryptBot is the malware usually distributed from such malicious websites, but other types are occasionally distributed as well. This post will discuss other malware programs of the same type besides CryptBot. As mentioned in previous posts, the malware is distributed from malicious webpages exposed on the top search page…

ASEC Weekly Malware Statistics (August 2nd, 2021 – August 8th, 2021)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to major threats. This post will list weekly statistics collected from August 2nd, 2021 (Monday) to August 8th, 2021 (Sunday). For the main category, Infostealer ranked top with 53.7%, followed by RAT (Remote Administration Tool) with 22.4%, downloader with 11.3%, CoinMiner with 7.6%, ransomware with 4.3%, and DDoS with 0.6%. Top 1 – RedLine: RedLine has taken first place once again with 12.8%. The malware…

Word Document Titled ‘BIO Form’ Being Distributed

Since last month, the ASEC analysis team has been continuously uploading posts about APT attacks using Word documents. Recently, it found that malware of the same type is being constantly distributed under the name ‘BIO form.’ By looking at the distribution history of previous Word documents, we can assume that this file is also targeting professors or research center directors related to North Korea while disguising itself as a biography form. The recently discovered file that is being…

Malware Disguised as Job Offer Letter

The ASEC analysis team has recently discovered that KPOT Infostealer is being distributed via spam mails containing Word files. There have been a number of cases that ultimately downloaded Infostealer programs when the macro was enabled, but this case is notable in that it used a Word file with a particular password in a spam mail disguised as a job offer letter to trick users. While how the e-mail came to be spread has not yet been identified, it appears that…

ASEC Weekly Malware Statistics (July 26th, 2021 – August 1st, 2021)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to major malware. This post will list weekly statistics collected from July 26th, 2021 (Monday) to August 1st, 2021 (Sunday). For the main category, Infostealer ranked top with 48.2%, followed by RAT (Remote Administration Tool) malware with 25.8%, downloader with 13.0%, CoinMiner with 8.6%, ransomware with 4.2%, and DDoS with 0.3%. Top 1 – RedLine: RedLine malware has taken first place once again with 18.0%….