December 2025 Infostealer Trend Report
Malware Trend

December 2025 Infostealer Trend Report

This report provides statistics, trends, and case information on Infostealer malware collected and analyzed during the month of December 2025, including distribution volume, distribution channels, and disguising techniques. The following is a summary of the report.   1) Data Source and Collection Method  The AhnLab SEcurity intelligence Center (ASEC) operates

  • Jan 15 2026
Security Risks Rise as Google Play Tightens Restrictions on Unlicensed Cryptocurrency Exchange Apps
Mobile

Security Risks Rise as Google Play Tightens Restrictions on Unlicensed Cryptocurrency Exchange Apps

Google has announced that, starting January 28, 2026, it will completely block the distribution of overseas cryptocurrency exchange apps on Google Play if they are not licensed by Korean financial authorities. ※Google Play (2026). Preview: Blockchain-based Content Source: https://support.google.com/googleplay/android-developer/answer/16302285?sjid=8888255779410190101-NC   Figure 1. Google Play Console Policy Center   According to Google’s

  • Jan 15 2026
Mobile Security & Malware Issue 4st Week of December, 2025
Mobile

Mobile Security & Malware Issue 4st Week of December, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 4st Week of December, 2025”

  • Dec 26 2025
Mobile Security & Malware Issue 3st Week of December, 2025
Mobile

Mobile Security & Malware Issue 3st Week of December, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 3st Week of December, 2025”

  • Dec 22 2025
Mobile Security & Malware Issue 2st Week of December, 2025
Mobile

Mobile Security & Malware Issue 2st Week of December, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 2st Week of December, 2025”

  • Dec 15 2025
Distribution of EtherRAT Malware Exploiting React2Shell Vulnerability (CVE-2025-55182)
Malware Vulnerabilities

Distribution of EtherRAT Malware Exploiting React2Shell Vulnerability (CVE-2025-55182)

AhnLab SEcurity intelligence Center (ASEC) recently discovered an advanced malware distribution campaign using Node.js while tracking the recently disclosed React2Shell vulnerability. This attack installs EtherRAT through multiple stages, with the ultimate goal of gaining a foothold, stealing information, and stealing cryptocurrency.   After the threat actor accessed the IP address

  • Dec 12 2025
Mobile Security & Malware Issue 1st Week of December, 2025
Mobile

Mobile Security & Malware Issue 1st Week of December, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 1st Week of December, 2025”

  • Dec 05 2025
Security Incident Reported in Ad-Free YouTube App SmartTube: Users Advised to Stay Alert
Mobile

Security Incident Reported in Ad-Free YouTube App SmartTube: Users Advised to Stay Alert

The signature key information of the SmartTube app, which allows users to watch YouTube videos on Android smart TVs and set-top boxes without ads, has been leaked.   This incident was identified as multiple users received Play Protect warning messages and had their apps blocked.   Figure 1. User report

  • Dec 02 2025
Mobile Security & Malware Issue 4st Week of November, 2025
Mobile

Mobile Security & Malware Issue 4st Week of November, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 4st Week of November, 2025”

  • Nov 28 2025
Mobile Security & Malware Issue 3st Week of November, 2025
Mobile

Mobile Security & Malware Issue 3st Week of November, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 3st Week of November, 2025”

  • Nov 21 2025