Private HTS Program Continuously Used in Attacks
AhnLab SEcurity intelligence Center (ASEC) has previously covered a case where Quasar RAT was distributed through private home trading systems (HTS) in the blog post “Quasar RAT Being Distributed by Private HTS Program“. The same threat actor has been continuously distributing malware, and attack cases have been confirmed even recently.
GitHub Repository Used by Kimsuky Threat Group
Overview While analyzing the Kimsuky group’s malware, AhnLab SEcurity intelligence Center (ASEC) discovered a certain GitHub repository. An inspection revealed that a strain of the FlowerPower malware that has been distributed since 2020 was uploaded. It also contained user information exfiltrated to GitHub and was confirmed to be the
