Warning Against Phishing Emails Impersonating Major Korean Entertainment Agencies
AhnLab SEcurity Intelligence Center (ASEC) releases weekly and quarterly phishing email statistical reports on the ASEC blog, with fake login, delivery, and purchase order request types being the most common. However, it has been confirmed that phishing emails impersonating major Korean entertainment agencies have recently been distributed in Korea. The
Security Issues in Korean & Global Financial Sector – Malware, Phishing, Deep Web & Dark Web Cases in September 2024
This report comprehensively covers actual cyber threats and related security issues that have occurred targeting domestic and foreign financial companies. It includes analysis of malware and phishing cases distributed targeting the financial sector, presents the top 10 major malware targeting the financial sector, and also provides industry statistics on domestic
Distribution of SectopRAT (ArechClient2) Disguised as Notion Installer
Notion is a collaboration tool providing features to manage projects and record them, used by many worldwide. Such popular programs may become targeted by threat actors since attackers can create web pages uploaded with malware strains that pretend to offer legitimate programs. Users may end up downloading malware when
Security Issues in Korean & Global Financial Sector – Malware, Phishing, Deep Web & Dark Web Cases in August 2024
This report comprehensively covers actual cyber threats and related security issues that have occurred targeting domestic and foreign financial companies. It includes analysis of malware and phishing cases distributed targeting the financial sector, presents the top 10 major malware targeting the financial sector, and also provides industry statistics on domestic
Security Issues in Korean & Global Financial Sector – Malware, Phishing, Deep Web & Dark Web Cases in July 2024
This report comprehensively covers actual cyber threats and related security issues that have occurred targeting domestic and foreign financial companies. It includes analysis of malware and phishing cases distributed targeting the financial sector, presents the top 10 major malware targeting the financial sector, and also provides industry statistics on domestic
SnakeKeylogger Malware Detected by AhnLab EDR
1. Overview SnakeKeylogger, an Infostealer created with .NET, can leak data using emails, FTP, SMTP, or Telegram. The malware has been consistently distributed and was covered in a previous ASEC Blog post. [1] This post will reveal the trace of the malicious behaviors of SnakeKeylogger analyzed in the previous post
Distribution of SnakeKeylogger Malware via Email
AhnLab SEcurity intelligence Center (ASEC) has recently identified cases where the SnakeKeylogger malware is being distributed via email. SnakeKeylogger is an Infostealer type of malware developed using the .NET language, and it is characterized by its methods of data exfiltration through email, FTP, SMTP, or Telegram. Figure 1. Phishing email
Security Issues in Korean & Global Financial Sector – Malware, Phishing, Deep Web & Dark Web in June 2024
This report covers security issues related to the domestic and international financial sector. It consists of content confirmed in phishing, malware, and deep web & dark web. – Statistics on Malware Distributed to Financial Sectors – Statistics on Korean Accounts Exfiltrated Via Telegram by Industry MD5 2586ef80415ac670c1b81367efae7b3d 28127336f11129fd4a3af24e421efdb4 2d67fe77b8b1e53d43ddad90aedd08f0
Security Issues in Korean & Global Financial Sector – Malware, Phishing, Deep Web & Dark Web in May 2024
Statistics on Malware Distributed to Financial Sector Statistics on Korean Accounts Exfiltrated Via Telegram by Industry MD5 0880757f5b51656408c82fb711fc6f68 088b74f4e87aebbc195f3f17a857eef9 2fde0e06e525e4bccd440a098048a453 45ed98fba139350af5022567dcb6ff10 5c53639753a4e974294f8860302d8bac
Analysis of APT Attack Cases Using Dora RAT Against Korean Companies (Andariel Group)
AhnLab SEcurity intelligence Center (ASEC) has recently discovered Andariel APT attack cases against Korean corporations and institutes. Targeted organizations included educational institutes and manufacturing and construction businesses in Korea. Keylogger, Infostealer, and proxy tools on top of the backdoor were utilized for the attacks. The threat actor probably used these
