Damages to Multiple Korean Websites Created by a Certain Website Development Company Posted By EASTSTON3 , June 19, 2023 AhnLab Security Emergency response Center (ASEC) has discovered instances of websites created by a certain Korean website development company being targeted by attacks and being used to distribute malware. This specific website development company has created websites for a wide range of companies including manufacturing, trade, electrical, electronics, education, construction, medical, and travel industries. The breached websites were used to distribute malware, and they were also used to perform other features such as transmitting the information that was stolen through…
Lazarus Threat Group Exploiting Vulnerability of Korean Finance Security Solution Posted By sujeong , June 15, 2023 As covered before here on the ASEC Blog, the Lazarus threat group exploits the vulnerabilities of INISAFE CrossWeb EX and MagicLine4NX in their attacks. New Malware of Lazarus Threat Actor Group Exploiting INITECH Process (Apr 26, 2022) A Case of Malware Infection by the Lazarus Attack Group Disabling Anti-Malware Programs With the BYOVD Technique (Oct 31, 2022) While monitoring the activities of the Lazarus threat group, AhnLab Security Emergency response Center (ASEC) recently discovered that the zero-day vulnerability of VestCert…
ASEC Weekly Malware Statistics (June 5th, 2023 – June 11th, 2023) Posted By ASEC , June 14, 2023 AhnLab Security Emergency response Center (ASEC) uses the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from June 5th, 2023 (Monday) to June 11th, 2023 (Sunday). For the main category, Infostealer ranked top with 44.6%, followed by downloader with 43.9%, backdoor with 9.5%, and ransomware with 2.0%. Top 1 – Amadey This week, Amadey Bot ranked first place with 30.4%. Amadey is a downloader that can receive commands from…
ASEC Weekly Phishing Email Threat Trends (May 28th, 2023 – June 3rd, 2023) Posted By ASEC , June 13, 2023 AhnLab Security Emergency response Center (ASEC) monitors phishing email threats with the ASEC automatic sample analysis system (RAPIT) and honeypot. This post will cover the cases of distribution of phishing emails during the week from May 28th, 2023 to June 3rd, 2023 and provide statistical information on each type. Generally, phishing is cited as an attack that leaks users’ login account credentials by disguising as or impersonating an institute, company, or individual through social engineering methods. On a broader note,…
Threat Trend Report on APT Groups – April 2023 Posted By ahnlabti , June 9, 2023 In this report, we cover nation-led threat groups presumed to conduct cyber intelligence or destructive activities under the support of the governments of certain countries, referred to as “Advanced Persistent Threat (APT) groups” for the sake of convenience. Therefore, this report does not contain information on cyber criminal groups aiming to gain financial profits. We organized analyses related to APT groups disclosed by security companies and institutions during the previous month; however, the content of some APT groups may not…
