North Korea-related Hangul Word Processor (HWP) File Being Distributed
The ASEC analysis team has recently discovered that North Korea-related HWP file was being distributed. The operation method is not through a vulnerability, but instead, a hyperlink is inserted on the screen the user is exposed to upon running the file, prompting the user to click, and upon clicking, executables
Discovery of Continuous Distribution of North Korea-related Malicious Word Files
The ASEC analysis team has discovered the continuous distribution of malicious Word files containing North Korea-related materials. The macro code inside the Word file is similar to the one that was introduced in the previous post, <‘Malicious Word File Disguised as ‘Purchase and Sales Agreement for Export-bound Gold Bars’>. The
Distribution of Malicious Word Document Disguised as a Military Security Monthly Magazine (April 2021)
On March 29th, ASEC analysis team has introduced malicious word documents containing North Korea related materials. Upon opening the file, it connects to the ‘External URL’ written within XML and downloads additional files. Recently the team has found out that malicious word documents using the mentioned method and disguised as
Malicious Word Documents with External Link of North Korea Related Materials
In the previous, ASEC analysis team has introduced various types of document-based malware. Among them, malicious documents of North Korea related materials were generally produced in HWP file format. You can check the relevant information from previous ASEC blog posts. Today, DOC (Word) documents containing North Korea related materials collected
