ASEC Weekly Malware Statistics (August 22nd, 2022 – August 28th, 2022) Posted By jcleebobgatenet , September 1, 2022 The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from August 22nd, 2022 (Monday) to August 28th, 2022 (Sunday). For the main category, info-stealer ranked top with 41.0%, followed by backdoor with 31.8%, downloader with 21.4%, and ransomware with 5.8%. Top 1 – Agent Tesla AgentTesla is an infostealer that ranked first place with 23.7%. It is an info-stealer that leaks user credentials…
ASEC Weekly Malware Statistics (August 15th, 2022 – August 21st, 2022) Posted By jcleebobgatenet , September 1, 2022 The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from August 15th, 2022 (Monday) to August 21st, 2022 (Sunday). For the main category, info-stealer ranked top with 57.8%, followed by backdoor with 24.2%, downloader with 13.7%, ransomware with 3.7%, and CoinMiner with 0.6%. Top 1 – Agent Tesla AgentTesla is an infostealer that ranked first place with 38.5%. It is an info-stealer that leaks…
RAT Tool Disguised as Solution File (*.sln) Being Distributed on Github Posted By jcleebobgatenet , September 1, 2022 The ASEC analysis team has recently discovered the distribution of a RAT Tool disguised as a solution file (*.sln) on GitHub. As shown in Figure 1, the malware distributor is sharing a source code on GitHub titled “Jpg Png Exploit Downloader Fud Cryter Malware Builder Cve 2022”. The file composition looks normal, but the solution file (*.sln) is actually a RAT tool. It is through methods like this that the malware distributor lures users to run the RAT tool by…
Attackers Using FRP (Fast Reverse Proxy) to Attack Korean Companies Posted By jcleebobgatenet , September 1, 2022 Recently, there have been frequent incidents where attackers infiltrated and took control of the internal network of Korean companies, starting with vulnerable servers externally exposed. Cases of Attacks Targeting Vulnerable Atlassian Confluence Servers Meterpreter Distributed to Vulnerable Server of Korean Medical Institution AsyncRAT Being Distributed to Vulnerable MySQL Servers This is a case of infiltration into an IIS web server or an MS Exchange server and is the same as previously known types. However, this post will discuss cases that…
ASEC Weekly Malware Statistics (August 8th, 2022 – August 14th, 2022) Posted By jcleebobgatenet , August 18, 2022 The ASEC analysis team is using the ASEC automatic analysis system RAPIT to categorize and respond to known malware. This post will list weekly statistics collected from August 8th, 2022 (Monday) to August 14th, 2022 (Sunday). For the main category, info-stealer ranked top with 41.9%, followed by backdoor with 38.4%, downloader with 16.8%, ransomware with 2.2%, and CoinMiner with 0.6%. Top 1 – Agent Tesla AgentTesla is an infostealer that ranked first place with 23.1%. It is an info-stealer that leaks…
