Malicious LNK Disguised as Credit Card Security Email Authentication Pop-up
AhnLab SEcurity intelligence Center (ASEC) has recently identified a case where a malicious LNK file is disguised as the credit card security email authentication pop-up to steal user information. The identified malicious LNK file has the following file name, disguising itself as the credit card company. **card_detail_20250610.html.lnk The threat actor has been
RokRAT Malware Using Malicious Hangul (.HWP) Documents
AhnLab SEcurity intelligence Center (ASEC) recently discovered the distribution of RokRAT malware using a Hangul Word Processor document (.hwp). RokRAT is typically distributed by including a decoy file and malicious script inside a shortcut (LNK) file. However, ASEC found a case where the malware was distributed through HWP documents instead
June 2025 Trends Report on Phishing Emails
This report provides the distribution quantity, statistics, trends, and case information on phishing emails and email threats collected and analyzed for one month in June 2025. The following are some statistics and cases included in the original report. 1) Statistics on Attachment Threats in June 2025 In June 2025, the
Infostealer Disguised as Copyright Infringement Document Distributed in Korea
AhnLab SEcurity intelligence Center (ASEC) has confirmed that Infostealer malware disguised as a document containing legal responsibilities and copyright infringement facts is continuously being distributed in Korea. It is mainly distributed through links in email attachments, and the email instructs the recipients to download the evidence related to the copyright
May 2025 Trends Report on Phishing Emails
This report provides statistics, trends, and case details on the distribution volume and attachment threats of phishing emails collected and analyzed in May 2025. The following is a part of the statistics and cases included in the original report. 1) Phishing Email Threat Statistics In May 2025, the most prevalent
April 2025 Trends Report on Phishing Emails
This report provides statistics, trends, and case details on the distribution volume and attachment threats of phishing emails collected and analyzed in April 2025. The following is a part of the statistics and cases included in the original report. 1) Phishing Email Threat Statistics In March 2025, the most common
XLoader Info-stealer Distributed Using MS Equation Editor Vulnerability (CVE-2017-11882)
AhnLab Security Intelligence Center (ASEC) publishes the information of phishing emails to AhnLab TIP monthly under the title “Trends Report on Phishing Emails.” There are various keywords/topics disguised as phishing, and this blog will cover cases where emails disguised as emails for checking purchases and order confirmations are used to
Malicious LNK Disguised as Notices
AhnLab SEcurity intelligence Center (ASEC) recently discovered a malicious LNK file being distributed to Korean users for the purpose of stealing user information. This type of malware collects various valuable data for threat actors, such as data related to virtual assets, browsers, public certificates, and email files, and it also
March 2025 Trends Report on Phishing Emails
This report provides statistics, trends, and case details on the distribution volume and attachment threats of phishing emails collected and analyzed in March 2025. The following is a part of the statistics and cases included in the original report. 1. Phishing Email Threat Statistics In March 2025, the most common
Remcos RAT Malware Disguised as Major Carrier’s Waybill
AhnLab SEcurity intelligence Center (ASEC) has recently discovered the Remcos malware disguised as a waybill from a major shipping company. This article details the distribution distribution flow from HTML, JavaScript, and AutoIt scripts leading to the execution of the final Remcos malware. Figure 1 shows the original email with
