Distribution of Phishing Emails Targeting Korean Research Institutes and Companies
Malware Phishing/Scam

Distribution of Phishing Emails Targeting Korean Research Institutes and Companies

The ASEC analysis team has discovered the distribution of phishing emails targeting Korean research institutes and companies to steal passwords. The phishing email impersonated an international transport company, requesting the user to submit custom information, and open the attachment file to prompt the user to click the URL. Upon clicking

  • Dec 01 2021
Malicious Excel File Using Macro Sheets Being Distributed in Korea (2)
Malware

Malicious Excel File Using Macro Sheets Being Distributed in Korea (2)

The ASEC analysis team has found multiple distributions of malicious excel file that uses macro sheet (Excel 4.0 Macro) via phishing email. The use of macro sheet is a method commonly used by the distributor, and such method was also used in the distribution of malware such as SquirrelWaffle and

  • Nov 04 2021
Daum Phishing E-mails Disguised as ‘Purchase Order’ being Distributed
Malware Phishing/Scam

Daum Phishing E-mails Disguised as ‘Purchase Order’ being Distributed

One of the most frequently used methods for the distribution of malware is using phishing e-mails. The ASEC analysis team has introduced specific phishing attacks as well as the types of phishing e-mails in previous blog posts. Trend of Phishing Spreading Through Spam Mails Similar to the previous cases, the

  • Oct 05 2021
Continuously Changing Malicious Word Macro Being Distributed – Trend of TA551 (2)
Malware Trend

Continuously Changing Malicious Word Macro Being Distributed – Trend of TA551 (2)

The ASEC analysis team is back to continuously introduce DOC macro documents used by the TA551 group in attacks. The operation flow of macro documents hasn’t changed since its introduction in July. However, we have confirmed that in the most recent case, BazarLoader was distributed at the last step after

  • Sep 06 2021
NanoCore RAT Disguised as Notification of Foreign Currency Remittance Being Spread!
Malware

NanoCore RAT Disguised as Notification of Foreign Currency Remittance Being Spread!

The ASEC analysis team recently discovered that the NanoCore remote access Trojan (RAT) disguised as notification of foreign currency remittance was distributed. Because the malware is usually spread through phishing mails, users need to take extra caution. The mail impersonates a capital company and is distributed with the title “[**

  • Aug 05 2021
Phishing Site Targeting Domestic E-mail Service Users (Part 2)
Phishing/Scam

Phishing Site Targeting Domestic E-mail Service Users (Part 2)

The ASEC analysis team has been sharing information about various phishing e-mails in the ASEC blog. This time, the team aims to inform users about another discovered phishing site that targets domestic e-mail service users to distribute malware. The recently confirmed phishing site targets Naver Mail (mail.naver), Daum Mail (mail2.daum),

  • Jun 04 2021
Lokibot Malware Disguised as Phishing E-mail Requesting for Estimate
Malware Phishing/Scam

Lokibot Malware Disguised as Phishing E-mail Requesting for Estimate

ASEC analysis team has discovered the distribution of Lokibot malware disguised as an estimate request e-mail. Lokibot malware has been distributed continually over several years, and a closer look at the weekly malware statistics uploaded to the ASEC blog reveals the fact that Lokibot consistently remained high on the weekly

  • Apr 20 2021