Word Files Related to Diplomacy and National Defense Being Distributed Posted By Hansoyoung , May 2, 2022 The ASEC analysis team has discovered the continuous distribution of malicious Word files with North Korea-related file names. The Word files contain malicious VBA macro codes and are the same file type introduced in <Discovery of Continuous Distribution of North Korea-related Malicious Word Files>. The names of the distributed files that were recently discovered are as follows: 220426-North Korea’s Diplomatic Policy and Our Responses(Professor Jeong).doc (April 26th) North Korea’s Diplomatic Policy and Our Responses.doc (April 26th) China’s Diplomatic Policy and…
ASEC Weekly Malware Statistics (April 18th, 2022 – April 24th, 2022) Posted By jcleebobgatenet , April 26, 2022 The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from April 18th, 2022 (Monday) to April 24th, 2022 (Sunday). For the main category, info-stealer ranked top with 70.5%, followed by RAT (Remote Administration Tool) with 17.8%, downloader with 7.4%, banking malware with 1.8%, ransomware with 2.5%. Top 1 – AgentTesla AgentTesla is an infostealer that ranked first place with 27%. It is an info-stealer…
New Malware of Lazarus Threat Actor Group Exploiting INITECH Process Posted By jcleebobgatenet , April 26, 2022 The AhnLab ASEC analysis team has discovered that there are 47 companies and institutions—including defense companies—infected with the malware distributed by the Lazarus group in the first quarter of 2022. Considering the severity of the situation, the team has been monitoring the infection cases. In systems of the organizations infected with the malware, it was found that malicious behaviors stemmed from the process of INITECH (inisafecrosswebexsvc.exe), the security company. The team initially secured the following information of inisafecrosswebexsvc.exe from the…
ASEC Weekly Malware Statistics (April 11th, 2022 – April 17th, 2022) Posted By Hansoyoung , April 25, 2022 The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from April 11th, 2022 (Monday) to April 17th, 2022 (Sunday). For the main category, info-stealer ranked top with 77.4%, followed by RAT (Remote Administration Tool) with 15.9%, downloader with 5.4%, banking malware with 0.8%, and ransomware with 0.4%. Top 1 – AgentTesla AgentTesla is an infostealer that ranked first place with 31%. It is an…
ASEC Weekly Malware Statistics (April 4th, 2022 – April 10th, 2022) Posted By Hansoyoung , April 14, 2022 The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from April 4th, 2022 (Monday) to April 10th, 2022 (Sunday). For the main category, info-stealer ranked top with 74.1%, followed by RAT (Remote Administration Tool) malware with 15%, downloader with 6.2%, ransomware with 2.9%, and banking malware with 1.8%. Top 1 – AgentTesla AgentTesla is an infostealer that ranked first place with 27.7%. It is…