February 2025 Infostealer Trend Report
This report provides statistics, trends, and case information on the distribution quantity, distribution methods, and disguise techniques of Infostealer collected and analyzed during February 2025. Below is a summary of the report. 1. Data Sources and Collection Methods To proactively repond to Infostealer, AhnLab SEcurity intelligence Center (ASEC)
ACRStealer Infostealer Exploiting Google Docs as C2
AhnLab SEcurity intelligence Center (ASEC) monitors the Infostealer malware disguised as illegal programs such as cracks and keygens being distributed, and publishes related trends and changes through the Ahnlab TIP and ASEC Blog posts. While the majority of the malware distributed in this manner has been the LummaC2 Infostealer, the
Rhadamanthys Infostealer Being Distributed Through MSC Extension
AhnLab SEcurity intelligence Center (ASEC) has confirmed that Rhadamanthys Infostealer is being distributed as a file with the MSC extension. The MSC extension is an XML-based format that is executed by the Microsoft Management Console (MMC), and it can register and execute various tasks such as script code and command
January 2025 Infostealer Trend Report
This report provides statistics, trends, and case information on the distribution quantity, distribution methods, and disguise techniques of Infostealer collected and analyzed during January 2025. Below is a summary of the report’s content. 1. Data Sources and Collection Methods To proactively respond to Infostealer, AhnLab Security Emergency response
January 2025 Security Issues in Korean & Global Financial Sector
This report comprehensively covers actual cyber threats and security issues that have occurred in the financial industry in South Korea and abroad. This includes the analysis of malware and phishing cases distributed to the financial sector, the Top 10 malware targeting the financial sector, and statistics on the industries of
Persistent Threats from the Kimsuky Group Using RDP Wrapper
AhnLab SEcurity intelligence Center (ASEC) has previously analyzed cases of attacks by the Kimsuky group, which utilized the PebbleDash backdoor and their custom-made RDP Wrapper. The Kimsuky group has been continuously launching attacks of the same type, and this post will cover additional malware that have been identified. 1.
Security Issues in the Financial Sector in December 2024
This report comprehensively covers actual cyber threats and security issues that have occurred in the financial industry in South Korea and abroad. This includes the analysis of malware and phishing cases distributed to the financial sector, the Top 10 malware targeting the financial sector, and statistics on the industries of
Increase in Distribution of AutoIt Compile Malware via Phishing Emails
Overview AhnLab SEcurity intelligence Center (ASEC) releases weekly information about malware distributed via phishing emails under the title “Weekly Phishing Email Distribution Cases” on the ASEC Blog. While .NET-based malware was previously the most common type in EXE file distributions, there has been a recent surge in malware created
Report on Smishing-Based Mobile Security Threats
1. Overview Smartphones have become an essential tool in modern society and are at the center of everyday life. However, this has led to a continuous increase in malicious mobile crimes. Among them, smishing has become a major means of executing various crimes, including personal information theft, credential abuse, and
November 2024: Security Issues in the Financial Industry
This report comprehensively covers actual cyber threats and security issues that have occurred in the financial industry in South Korea and abroad. The article includes an analysis of malware and phishing cases distributed to the financial sector, the Top 10 malware targeting the financial sector, and statistics on the industries
