Distribution of IIS Malware Targeting Web Servers (Larva-25003)
Overview In February 2025, AhnLab SEcurity intelligence Center (ASEC) identified a threat actor, believed to be Chinese-speaking, distributing a web server native module targeting a South Korean web server. The threat actor gained control over the web server by attempting initial access to poorly managed web servers and using
