April 2025 Threat Trend Report on APT Attacks (South Korea)
Overview AhnLab is monitoring Advanced Persistent Threat (APT) attacks in South Korea using its own infrastructure. This report covers the classification, statistics, and functions of APT attacks detected in South Korea over the course of one month in April 2025. Figure 1. Statistics of APT attacks in South
March 2025 APT Group Trends (South Korea)
Overview AhnLab is monitoring Advanced Persistent Threat (APT) attacks in South Korea using its own infrastructure. This report covers the classification, statistics, and features of the APT attacks in South Korea that were identified in March 2025, as well as the attack types. Figure 1. Statistics of
February 2025 APT Group Trends (South Korea)
Overview AhnLab is monitoring Advanced Persistent Threat (APT) attacks in South Korea using its own infrastructure. This report covers the classification, statistics, and features of the APT attacks in South Korea that were identified in February 2025, as well as the attack types. Figure 1. Statistics of APT
LummaC2 Malware Distributed Disguised as Total Commander Crack
AhnLab SEcurity intelligence Center (ASEC) has discovered the LummaC2 malware being distributed disguised as the Total Commander tool. Total Commander is a file manager for Windows that supports various file formats. It offers convenient file management features such as copy and move features, advanced search using strings within files, folder
January 2025 Threat Trend Report on APT Attacks (South Korea)
Overview AhnLab is monitoring Advanced Persistent Threat (APT) attacks in South Korea using its own infrastructure. This report covers the classification and statistics of APT attacks in South Korea that have been identified over the course of a month in January 2025, as well as the features of each attack
Increase in Distribution of AutoIt Compile Malware via Phishing Emails
Overview AhnLab SEcurity intelligence Center (ASEC) releases weekly information about malware distributed via phishing emails under the title “Weekly Phishing Email Distribution Cases” on the ASEC Blog. While .NET-based malware was previously the most common type in EXE file distributions, there has been a recent surge in malware created
Distribution of SnakeKeylogger Malware via Email
AhnLab SEcurity intelligence Center (ASEC) has recently identified cases where the SnakeKeylogger malware is being distributed via email. SnakeKeylogger is an Infostealer type of malware developed using the .NET language, and it is characterized by its methods of data exfiltration through email, FTP, SMTP, or Telegram. Figure 1. Phishing email
Warning Against Phishing Emails Prompting Execution of Commands via Paste (CTRL+V)
AhnLab SEcurity intelligence Center (ASEC) recently discovered that phishing files are being distributed via emails. The phishing files (HTML) attached to the emails prompt users to directly paste (CTRL+V) and run the commands. The threat actor sent emails about fee processing, operation instruction reviews, etc. to prompt recipients to open
