“Totally Unexpected” Package Malware Using Modified Notepad++ Plug-in (WikiLoader)

AhnLab SEcurity intelligence Center (ASEC) has recently identified the distribution of a modified version of “mimeTools.dll”, a default Notepad++ plug-in. The malicious mimeTools.dll file in question was included in the package installation file of a certain version of the Notepad++ package and disguised as a legitimate package file. As shown

Malicious CHM Being Distributed to Korean Universities

The ASEC analysis team discovered that a malicious CHM file targeting certain Korean universities is being distributed on a massive scale. The file that is being distributed is the same type as the one discussed in a post uploaded in May: “Backdoor (*.chm) Disguised as Document Editing Software and Messenger Application”.

Distribution of Remcos RAT Disguised as Tax Invoice

The ASEC analysis team has discovered Remcos RAT being distributed under the disguise of a tax invoice. The content and the type of phishing email are similar to the type that has been consistently discussed in previous blogs. The email contains a short message written in awkward grammar.