Caution! Phishing Mails Exploiting URL Shortener and Impersonating Organizations

The ASEC analysis team has been continuously updating the blog with information about phishing mails and urging users to take caution. Recently, the team confirmed a massive distribution of phishing mails with attachments that are assumed to be of the same type. While the structures of the HTML files for the finally connected phishing sites are different for each phishing mail of this type, the structures of HTML attachments that redirect users are the same, and the URLs of the…

ASEC Weekly Malware Statistics (May 31st, 2021 – June 6th, 2021)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from May 31st, 2021 (Monday) to June 6th, 2021 (Sunday). For the main category, info-stealer ranked top with 82.5%, followed by RAT (Remote Administration Tool) malware with 16.0%, and downloader with 1.5%. Banking malware and ransomware were excluded due to decrease in the number of cases. Top 1 –  AgentTesla AgentTesla was ranked first place…

Malware Disguised as Normal Excel and Word Documents

The ASEC analysis team has recently confirmed that document files with a certain type of malicious macro have been distributed continuously. The malicious files are distributed with various filenames as shown below. As they all contain content disguised as normal files, users must exercise caution when dealing with them. Constitution Day International Academic Forum.doc 28th North Korea-South Korea Relations Experts Discussion***.doc Honorarium Template.doc email_20210516.xls email_20210414.xls Recently discovered excel files contain the date of distribution on their filenames such as ’email_20210516.xls’…

ASEC Weekly Malware Statistics (May 24th, 2021 – May 30th, 2021)

The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from May 24th, 2021 (Monday) to May 30th, 2021 (Sunday). For the main category, info-stealer ranked top with 79.4%, followed by RAT (Remote Administration Tool) malware with 19.0%, downloader with 1.1%, ransomware with 0.4%, and CoinMiner with 0.2%. Top 1 –  AgentTesla AgentTesla was ranked first place with 30.0%. It is an info-stealer malware that leaks…

More Companies being Targeted by Ransomware! Cases of Ransomware Attacks Against Company Systems

The number of cyberattacks targeting companies is increasing day by day. Just this May, the United States’ largest private pipeline company was attacked by ransomware, resulting in the shutdown of the entire pipeline facility. A well-known domestic delivery platform company also suffered from a ransomware attack, affecting hundreds and thousands of stores and delivery riders. According to a press release [1] reported by the Ministry of Science and ICT, the number of ‘Reports on Domestic Ransomware Cases for Recent Three…