November 2025 Security Issues in Korean and Global Financial Sector
This report comprehensively covers real-world cyber threats and security issues that have occurred in the financial industry in Korea and worldwide. It includes an analysis of malware and phishing cases targeting the financial industry, a list of the top 10 malware strains targeting the industry, and statistics on the sectors
Ransom & Dark Web Issues Week 2, December 2025
ASEC Blog publishes Ransom & Dark Web Issues Weeks 2, December 2025. Source code from a South Korean camping reservation platform sold on DarkForums LockBit 5.0 targets 25 companies worldwide with ransomware attack Agencies from USA and Europe escalate pressure on pro-Russian hacktivists
Threats Behind the Mask of Gentlemen Ransomware
Gentlemen is a new ransomware group first identified around August 2025. The group operates a double extortion model that involves breaching corporate networks, exfiltrating data, encrypting the data, and then using the encrypted data to extort victims. During the breach, the group employs typical tactics seen in advanced ransomware groups,
Ransom & Dark Web Issues Week 1, December 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 1, December 2025. Source code from a South Korean AI solution company, shared on DarkForums Nova (RALord) targets a South Korean industrial equipment manufacturer with ransomware attack PLAY targets a South Korean auto parts manufacturer with
2025 Ransomware Threat Landscape: Impact on Korean Enterprises
Overview and Background The number of ransomware attacks has been increasing worldwide in recent years, and Korean companies are not exempt from this trend. The situation is particularly acute in Asia, where ransomware attacks have surged since 2023. This growing trend has prompted a need for a systematic analysis
Ransom & Dark Web Issues Week 4, November 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 4, November 2025 Qilin ransomware group claims attack on a Japanese company providing automotive financial services. Everest ransomware group launches data exfiltration attack against Spain’s largest airline. Access to internal systems of Saudi Arabia’s state-owned airport operator
Ransom & Dark Web Issues Week 3, Novermber 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 3, Novermber 2025 DireWolf launches ransomware attack against a Pakistani automobile assembly and sales company Massive data leak of major South Korean companies on DarkForums [1], [2], [3], [4] Akira ransomware group threatens data leak
October 2025 Security Issues in Korean and Global Financial Sector
This report comprehensively covers actual cyber threats and security issues relevant to the finance industry in Korea and around the world. The article includes an analysis of the malware and phishing cases distributed to the financial sector. It also provides a list of the top 10 malware targeting the financial
Ransom & Dark Web Issues Week 2, Novermber 2025
ASEC Blog publishes Ransom & Dark Web Issues Week 2, Novermber 2025 CLOP (CL0P), a ransomware group, has listed major global corporations and government agencies as victims. Data from Japan’s largest research institution shared on DarkForums. Emergence of a new ransomware and data exfiltration group
Analysis of Encryption Structure of Yurei Ransomware Go-based Builder
The Yurei ransomware group is a new group that was first publicly identified in early September 2025. This group adopts a typical ransomware operation model that infiltrates corporate networks, encrypts data, deletes backups, and then demands a ransom for the stolen information. While there is no clear evidence of their
