Rhadamanthys Infostealer Being Distributed Through MSC Extension
AhnLab SEcurity intelligence Center (ASEC) has confirmed that Rhadamanthys Infostealer is being distributed as a file with the MSC extension. The MSC extension is an XML-based format that is executed by the Microsoft Management Console (MMC), and it can register and execute various tasks such as script code and command
December 2024 Threat Trend Report on APT Attacks (South Korea)
Overview AhnLab has been using AhnLab Smart Defense (ASD) to monitor advanced persistent threat (APT) attacks against targets in South Korea. This report will cover the types and statistics of APT attacks in South Korea during December 2024 as well as features for each type. Figure 1. December 2024 statistics
November 2024 Threat Trend Report on APT Attacks (South Korea)
Overview AhnLab has been using AhnLab Smart Defense (ASD) to monitor advanced persistent threat (APT) attacks against targets in Korea. This report will cover the types and statistics of APT attacks in Korea during November 2024 as well as features of each type. Figure 1. November 2024 statistics on
2024 MSC Malware Trend Report
With the decrease in distribution of MS Office document-type malware, the distribution of malware in various formats such as LNK and CHM is on the rise. In the second quarter of this year, malware in the MSC (snap-ins/Management Saved Console) file format used in Microsoft Management Console (MMC) was identified.
October 2024 Threat Trend Report on APT Attacks (South Korea)
Overview AhnLab has been using AhnLab Smart Defense (ASD) to monitor advanced persistent threat (APT) attacks against targets in Korea. This report will cover the types and statistics of APT attacks in Korea during October 2024 as well as features of each type. Figure 1. October 2024
Threat Trend Report on APT Attacks (South Korea) – September 2024 Major Issues on APT Attacks in South Korea
This report covers classification and statistics on APT domestic attacks confirmed during the month of September 2024 and introduces the functions of each type. Below is a summary of some of the information. [Table of Contents] Overview Trends of APT Attacks in Korea Spear Phishing Attacks Using LNK Files Attacks Using
Kimsuky Group’s Malware Disguised as Lecture Request Form (MSC, HWP)
Recently, malware disguised as a lecture request form targeting specific users was identified. The distributed files include Hangul Word Processor (HWP) documents and files in MSC format, which download additional malicious files. Decoy document files used to disguise as legitimate documents have been found to sometimes contain personal information, suggesting
Threat Trend Report on APT Attacks – August 2024 Major Issues on APT Attacks in South Korea
This report covers classification and statistics on APT domestic attacks confirmed during the month of August 2024 and introduces the functions of each type. Below is a summary of some of the information. [Table of Contents] Overview Trends of APT Attacks in Korea Spear Phishing Attacks Using LNK Files Attacks Using
Distribution of MSC File Exploiting Amazon Service
AhnLab SEcurity intelligence Center (ASEC) has discovered the distribution of malicious MSC file that is exploiting the Amazon service. The MSC extension has XML file format structure, and is executed by Microsoft Management Console (MMC). The number of distribution has increased since the disclosure by the Elastic Security Labs on
