Distribution of Word File (External + RTF) Modified to Avoid Detection
Malicious MS Office Word documents have long been used for the distribution of additional RTF malware by exploiting the fact that Word files allow external connection. However, AhnLab has identified the files that seem to have been made to avoid anti-malware detection are being distributed in Korea. Distribution of RTF
Continuously Changing Malicious Word Macro Being Distributed – Trend of TA551 (2)
The ASEC analysis team is back to continuously introduce DOC macro documents used by the TA551 group in attacks. The operation flow of macro documents hasn’t changed since its introduction in July. However, we have confirmed that in the most recent case, BazarLoader was distributed at the last step after
