ASEC Weekly Phishing Email Threat Trends (December 18th, 2022 – December 24th, 2022)
The ASEC analysis team monitors phishing email threats with the ASEC automatic sample analysis system (RAPIT) and honeypot. This post will cover the cases of distribution of phishing emails during the week from December 18th, 2022 to December 24th, 2022 and provide statistical information on each type. Generally, phishing is
ASEC Weekly Phishing Email Threat Trends (December 4th, 2022 – December 10th, 2022)
The ASEC analysis team monitors phishing email threats with the ASEC automatic sample analysis system (RAPIT) and Honeypot. This post will cover the cases of distribution of phishing emails during the week from December 4th, 2022 to December 10th, 2022 and provide statistical information on each type. Generally, phishing is
ASEC Weekly Phishing Email Threat Trends (November 27th, 2022 – December 3rd, 2022)
The ASEC analysis team monitors phishing email threats with the ASEC automatic sample analysis system (RAPIT) and Honeypot. This post will cover the cases of distribution of phishing emails during the week from November 27th, 2022 to December 3rd, 2022 and provide statistical information on each type. Generally, phishing is
ASEC Weekly Phishing Email Threat Trends (November 20th, 2022 – November 26th, 2022)
The ASEC analysis team monitors phishing email threats with the ASEC automatic sample analysis system (RAPIT) and Honeypot. This post will cover the cases of distribution of phishing emails during the week from November 20th, 2022 to November 26th, 2022 and provide statistical information on each type. Generally, phishing is
Phishing Email Disguised as a Well-Known Korean Airline
The ASEC analysis team has recently discovered a phishing email that impersonates a well-known Korean airline to collect user credentials. The phishing email contains a notice on airline ticket payment, inducing the reader to connect to the disguised phishing page with specific ticket prices and details that implies that the
Phishing Website Disguised as a Famous Korean Email Login Website Being Distributed
The ASEC analysis team has identified the distribution of a malicious website in Korea that aims to steal account credentials from a famous Korean email service website. The phishing website the email is redirected to is disguised as a login page for a Korean email website, and over 50 cases
Amadey Bot Disguised as a Famous Korean Messenger Program Being Distributed
On October 17th, 2022, the Korean Internet & Security Agency (KISA) published a security notice titled “Advising Caution on Cyber Attacks Exploiting the Kakao Service Malfunction Issue’, and according to the notice, malware disguised as a KakaoTalk installation file (KakaoTalkUpdate.zip etc.) is being distributed via email. KISA security notice: https://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=66958
GuLoader Malware Disguised as a Word File Being Distributed in Korea
The ASEC analysis team has discovered that the GuLoader malware is being distributed to Korean corporate users. GuLoader is a downloader that has been steadily distributed since the past, downloading various malware. The phishing mail being distributed is as follows, and has an HTML file attached. When the user opens
Phishing Websites Disguised as Korean Groupware Login Website Being Distributed
The ASEC analysis team has been building a honeypot to collect various malware strains that are being distributed both in Korea and overseas. The honeypot also collects phishing emails and recently caught one targeting Korean users, which was being distributed continuously to Korean email accounts only since August. The phishing
GuLoader Disguised as Estimate Requests Being Distributed via Phishing Email
GuLoader has ranked again in Top 5 malware keywords of ASEC Weekly Malware Statistics for the first time in two years. It is a downloader malware that can download additional malware, and got its name as Google Drive is frequently used as its download URL. ASEC Weekly Malware Statistics (June
