Larva-25010 – Analysis on the APT Down Threat Actor’s PC
This report covers the seven posts on the breach analysis of APT Down, which were published in “Threat Notes” of AhnLab TIP after the release of the “APT Down: the North Korea Files” report, along with additional analysis. Post on Aug 12, 2025, “APT DOWN – Analysis of Korean
August 2025 Trends Report on Phishing Emails
This report provides the distribution quantity, statistics, trends, and case information on phishing emails and attachments collected and analyzed over the course of a month in August 2025. The following are some statistics and cases included in the original report. 1) Statistics of Phishing Email Threats In August 2025, the
August 2025 Security Issues in Korean & Global Financial Sector
This report comprehensively covers actual cyber threats and security issues related to financial companies in South Korea and abroad. This article includes an analysis of malware and phishing cases distributed to the financial sector, the top 10 malware strains targeting the financial sector, and the industry statistics of leaked Korean
July 2025 Trend Report on Phishing Emails
This report provides the distribution quantity, statistics, trends, and case information on phishing emails and email threats collected and analyzed for one month in July 2025. The following are some statistics and cases included in the original report. 1) Statistics of Phishing Email Threats In July 2025, the most common
July 2025 Security Issues in Korean & Global Financial Sector
This report comprehensively covers actual cyber threats and security issues that have taken place targeting financial companies in Korea and abroad. This report includes an analysis of malware and phishing cases distributed to the financial industry, the top 10 malware strains targeting the financial sector, and statistics on the industries
Malicious LNK Disguised as Credit Card Security Email Authentication Pop-up
AhnLab SEcurity intelligence Center (ASEC) has recently identified a case where a malicious LNK file is disguised as the credit card security email authentication pop-up to steal user information. The identified malicious LNK file has the following file name, disguising itself as the credit card company. **card_detail_20250610.html.lnk The threat actor has been
RokRAT Malware Using Malicious Hangul (.HWP) Documents
AhnLab SEcurity intelligence Center (ASEC) recently discovered the distribution of RokRAT malware using a Hangul Word Processor document (.hwp). RokRAT is typically distributed by including a decoy file and malicious script inside a shortcut (LNK) file. However, ASEC found a case where the malware was distributed through HWP documents instead
June 2025 Security Issues in Korean & Global Financial Sector
This report comprehensively covers actual cyber threats and security issues related to financial companies in South Korea and abroad. This article includes an analysis of malware and phishing cases distributed to the financial sector, the top 10 malware strains targeting the financial sector, and the industry statistics of leaked Korean
June 2025 Trends Report on Phishing Emails
This report provides the distribution quantity, statistics, trends, and case information on phishing emails and email threats collected and analyzed for one month in June 2025. The following are some statistics and cases included in the original report. 1) Statistics on Attachment Threats in June 2025 In June 2025, the
Infostealer Disguised as Copyright Infringement Document Distributed in Korea
AhnLab SEcurity intelligence Center (ASEC) has confirmed that Infostealer malware disguised as a document containing legal responsibilities and copyright infringement facts is continuously being distributed in Korea. It is mainly distributed through links in email attachments, and the email instructs the recipients to download the evidence related to the copyright
