Mobile Security & Malware Issue 2st Week of December, 2025
Mobile

Mobile Security & Malware Issue 2st Week of December, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 2st Week of December, 2025”

  • Dec 15 2025
Distribution of EtherRAT Malware Exploiting React2Shell Vulnerability (CVE-2025-55182)
Malware Vulnerabilities

Distribution of EtherRAT Malware Exploiting React2Shell Vulnerability (CVE-2025-55182)

AhnLab SEcurity intelligence Center (ASEC) recently discovered an advanced malware distribution campaign using Node.js while tracking the recently disclosed React2Shell vulnerability. This attack installs EtherRAT through multiple stages, with the ultimate goal of gaining a foothold, stealing information, and stealing cryptocurrency.   After the threat actor accessed the IP address

  • Dec 12 2025
Mobile Security & Malware Issue 1st Week of December, 2025
Mobile

Mobile Security & Malware Issue 1st Week of December, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 1st Week of December, 2025”

  • Dec 05 2025
Security Incident Reported in Ad-Free YouTube App SmartTube: Users Advised to Stay Alert
Mobile

Security Incident Reported in Ad-Free YouTube App SmartTube: Users Advised to Stay Alert

The signature key information of the SmartTube app, which allows users to watch YouTube videos on Android smart TVs and set-top boxes without ads, has been leaked.   This incident was identified as multiple users received Play Protect warning messages and had their apps blocked.   Figure 1. User report

  • Dec 02 2025
Mobile Security & Malware Issue 4st Week of November, 2025
Mobile

Mobile Security & Malware Issue 4st Week of November, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 4st Week of November, 2025”

  • Nov 28 2025
Mobile Security & Malware Issue 3st Week of November, 2025
Mobile

Mobile Security & Malware Issue 3st Week of November, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 3st Week of November, 2025”

  • Nov 21 2025
Analysis Report on Malicious Apps Using Advanced Detection and Evasion Techniques
Mobile

Analysis Report on Malicious Apps Using Advanced Detection and Evasion Techniques

1. Overview Malware developers are using increasingly diverse techniques to evade anti-virus (AV) products. In the past, it was common for a single malicious app to implement all malicious behaviors. However, recently, apps have been discovered in which features are separated and need to be downloaded additionally, or encrypted files

  • Nov 19 2025
Analysis Report on AI-Based Obfuscated Malicious Apps Using Compromised Legitimate Websites as C2 Servers
Mobile

Analysis Report on AI-Based Obfuscated Malicious Apps Using Compromised Legitimate Websites as C2 Servers

1. Overview Malware impersonating a famous Korean delivery service has been continuously distributed, and the threat actor behind it is utilizing various techniques to evade anti-virus (AV) detection. In particular, obfuscation and packing techniques are being used, and many malware strains leveraging these techniques have been discovered. With the recent

  • Nov 18 2025
Mobile Security & Malware Issue 2st Week of November, 2025
Mobile

Mobile Security & Malware Issue 2st Week of November, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 2st Week of November, 2025”

  • Nov 14 2025
Mobile Security & Malware Issue 1st Week of November, 2025
Mobile

Mobile Security & Malware Issue 1st Week of November, 2025

ASEC Blog publishes “Mobile Security & Malware Issue 1st Week of November, 2025”

  • Nov 07 2025