xRAT (QuasarRAT) Malware Being Distributed Through Webhard (Adult Games)
AhnLab SEcurity intelligence Center (ASEC) recently discovered that the xRAT (QuasarRAT) malware is being distributed through a webhard disguised as an adult game. In Korea, webhard services are one of the most commonly used platforms for distributing malware. Typically, threat actors use malware that are easily accessible, such as
Private HTS Program Continuously Used in Attacks
AhnLab SEcurity intelligence Center (ASEC) has previously covered a case where Quasar RAT was distributed through private home trading systems (HTS) in the blog post “Quasar RAT Being Distributed by Private HTS Program“. The same threat actor has been continuously distributing malware, and attack cases have been confirmed even recently.
GitHub Repository Used by Kimsuky Threat Group
Overview While analyzing the Kimsuky group’s malware, AhnLab SEcurity intelligence Center (ASEC) discovered a certain GitHub repository. An inspection revealed that a strain of the FlowerPower malware that has been distributed since 2020 was uploaded. It also contained user information exfiltrated to GitHub and was confirmed to be the
