Malicious Word Files Disguised as Product Introduction
The ASEC analysis team has discovered a word document that is in the same category as the document introduced in the post <Word File Disguised as a Design Modification Request for Information Theft>, uploaded in December last year. The title of the document confirmed in this case is ‘Product Introduction.doc’.
APT Attack Attempts Using Word Documents Targeting Specific Individuals
The ASEC analysis team confirmed that the malware with the same format of malicious word documents introduced in the post “Malicious Word Documents Pretending ‘Korea Association for Political and Diplomatic History’ and ‘Policy Advisory Member Profile’ Being Distributed” is still being distributed. Like the malicious word documents introduced in previous
Malicious Word Documents Pretending ‘Korea Association for Political and Diplomatic History’ and ‘Policy Advisory Member Profile’ Being Distributed
As shown below, the ASEC analysis team introduced on two occasions that malicious word documents with titles ‘Compensation Claim Form’ and ‘Summer Academic Conference Profile Template’ were being distributed. While monitoring similar attack types, the team found evidence that the creator of the documents distributed new word documents in June
Distribution of Malicious Word Document Disguised as a Military Security Monthly Magazine (April 2021)
On March 29th, ASEC analysis team has introduced malicious word documents containing North Korea related materials. Upon opening the file, it connects to the ‘External URL’ written within XML and downloads additional files. Recently the team has found out that malicious word documents using the mentioned method and disguised as
