Proxyware Disguised as Notepad++ Tool
AhnLab SEcurity intelligence Center(ASEC) is monitoring Proxyjacking attacks and continuously disclosing distribution cases and IoCs identified in South Korea. The threat actor Larva‑25012, known for deploying Proxyware, has recently begun using malware disguised as a Notepad++ installer. In addition, the attacker is actively changing techniques to evade detection—such as injecting
Proxyware Malware Being Distributed on YouTube Video Download Site
AhnLab SEcurity intelligence Center (ASEC) introduced a case of threat actors distributing proxyware through the advertising page of a freeware software site in the past blog post “DigitalPulse Proxyware Being Distributed Through Ad Pages” [1]. The same threat actor has been continuously distributing proxyware, and multiple infection cases have been
