Warning Against Distribution of Malware Disguised as Research Papers (Kimsuky Group)
Recently, the AhnLab SEcurity intelligence Center (ASEC) confirmed the phishing email attack case where the Kimsuky group disguised their attack as a request for paper review from a professor. The email prompted the recipient to open a HWP document file with a malicious OLE object attachment. The document was password-protected,
North Korea-related Hangul Word Processor (HWP) File Being Distributed
The ASEC analysis team has recently discovered that North Korea-related HWP file was being distributed. The operation method is not through a vulnerability, but instead, a hyperlink is inserted on the screen the user is exposed to upon running the file, prompting the user to click, and upon clicking, executables
