Account Credential-Stealing Malware Detected by AhnLab MDS (Web Browsers, Email, FTP)

For convenience, users frequently use the automatic login feature provided by programs such as web browsers, email clients, and FTP clients. This feature causes the programs to store user account credentials in their settings data. Therefore, despite being a convenient feature, this poses a security risk because threat actors are then able to leak

Downloader Disguised With Contents on Violation of Intellectual Property Rights (Detected by MDS)

On August 28, AhnLab Security Emergency response Center (ASEC) discovered a downloader being distributed under the guise of content about the violation of intellectual property rights, targeting unspecified masses in Korea. The distributed malware included code that detects virtual environments to evade sandbox-based security solutions and was a .NET-type

GuLoader Malware Disguised as Tax Invoices and Shipping Statements (Detected by MDS Products)

AhnLab Security Emergency response Center (ASEC) has identified GuLoader being distributed as email attachments disguised as tax invoices and shipping statements. The recently identified GuLoader variant was packaged in a RAR (Roshal Archive Compressed) file. When a user executes GuLoader, it ultimately downloads known malware strains

MDS’ Evasion Feature of Anti-sandboxes That Uses Pop-up Windows

AhnLab Security Emergency response Center (ASEC) is monitoring various anti-sandbox tactics used to evade sandboxes. This post will cover the rather persistent anti-sandbox technique that exploits the button form of the malicious IcedID Word files, and the evasion feature of AhnLab’s MDS, which is meant for detecting malicious behavior. An anti-sandbox