FormBook Malware Being Distributed as .NET
AhnLab’s ani-malware software, V3, detects and responds to malware with a variety of detection features including the App Isolate Scan feature. The App Isolate Scan detects and quarantines suspicious processes. This allows quarantining malware such as Infostealer and downloader in a virtual environment for detection. Therefore, V3 can protect users
Malware Being Distributed by Disguising Itself as Icon of V3 Lite
The ASEC analysis team has discovered the distribution of malware disguised as a V3 Lite icon and packed with the .NET packer. The attacker likely created an icon that is almost identical to that of V3 Lite to trick the user, and AveMaria RAT and AgentTesla were discovered during the
XLL Malware Distributed Through Email
Malware strains have been created and distributed in various forms and types. As such, the ASEC analysis team is actively monitoring and analyzing such changes to allow AhnLab products to detect them. This post will introduce XLL malware that was discovered being distributed last year. XLL files are Microsoft Excel
Method that Tricks Users to Perceive Attachment of PDF File as Safe File
The ASEC analysis team has discovered the distribution of info-stealer malware using Attachment feature of PDF files. This attack method was discovered previously, but as the malware of this type has resurfaced and is being actively distributed, the team would like to share the information. Note that the attacker used
Infostealer Being Distributed via YouTube
The ASEC analysis team has recently discovered an infostealer that is being distributed via YouTube. The attacker disguised the malware as a game hack for Valorant, and uploaded the following video with the download link for the malware, then guided the user to turn off the anti-malware program. The team
Vidar Exploiting Social Media Platform (Mastodon)
The ASEC analysis team has recently discovered that Vidar is exploiting a social media platform named Mastodon to create C&C server addresses. Mastodon website Vidar is an info-stealer malware installed through spam emails and PUP, sometimes being disguised as a KMSAuto authenticator tool. It has been consistently distributed since
Lokibot Malware Disguised as Phishing E-mail Requesting for Estimate
ASEC analysis team has discovered the distribution of Lokibot malware disguised as an estimate request e-mail. Lokibot malware has been distributed continually over several years, and a closer look at the weekly malware statistics uploaded to the ASEC blog reveals the fact that Lokibot consistently remained high on the weekly
Malware Being Sneakily Installed in My PC-BeamWinHTTP Malware
The weekly malware statistics which ASEC analysis team uploads every week show that the number of occurrences for a downloader type malware named BeamWinHTTP has been on the rise for the last few weeks. According to the last ASEC weekly malware statistics, BeamWinHTTP malware is one of the top 3
Infostealer Malware Azorult Being Distributed Through Spam Mails
The ASEC analysis team recently discovered that Azorult malware is being distributed through spam mails. Azorult is a kind of Infostealer that accesses a C&C server to receive DLL files and commands used to leak information, and steals information such as user data files and account information to leak it
