March 2026 APT Attack Trends Report (Domestic)
Overview ahnLab monitored APT attacks against domestic targets during the month of March 2026. most of the attacks were launched through Spear Phishing emails sent after reconnaissance of specific targets. APT Attack Trends in Korea the majority of distribution vectors were shortcut (.lnk) files, with LNK-based attacks dominating. Type A
February 2026 APT Attack Trends Report (South Korea)
Overview. ahnLab monitored APT attacks against domestic targets during the month of February 2026 through its infrastructure. this report summarizes the classification, statistics, and features of each type of domestic APT attacks identified during the period. APT Domestic Attack Trends. we found that most of the infiltrations were carried out
January 2026 Threat Trend Report on APT Attacks (South Korea)
Overview Ahnlabs is monitoring APT (Advanced Persistent Threat) attacks in South Korea by utilizing their own infrastructure. This report covers the classification, statistics, and features of APT attacks in South Korea that were identified in January 2026. Figure 1. Statistics of APT attacks in South Korea in January 2026
December 2025 APT Attack Trend Report (South Korea)
Overview AhnLab monitoring APT (Advanced Persistent Threat) attacks in South Korea using its own infrastructure. This report covers the classification and statistics of APT attacks in South Korea that were identified over the course of one month in December 2025. It also provides an overview of the features of each
Guloader Malware Being Disguised as Employee Performance Reports
AhnLab SEcurity intelligence Center (ASEC) recently discovered the Guloader malware being distributed via phishing emails disguised as an employee performance report. The email claims to be informing the recipient about the report for October 2025, and prompts the recipient to check the attachment by mentioning the plan to dismiss some
xRAT (QuasarRAT) Malware Being Distributed Through Webhard (Adult Games)
AhnLab SEcurity intelligence Center (ASEC) recently discovered that the xRAT (QuasarRAT) malware is being distributed through a webhard disguised as an adult game. In Korea, webhard services are one of the most commonly used platforms for distributing malware. Typically, threat actors use malware that are easily accessible, such as
November 2025 APT Attack Trends Report (South Korea)
Overview AhnLab is monitoring APT (Advanced Persistent Threat) attacks in South Korea using our own infrastructure. This report covers the classification and statistics of APT attacks in South Korea that were identified over the course of one month in November 2025. It also provides an overview of the features
October 2025 APT Attack Trends Report (South Korea)
Overview AhnLab is monitoring Advanced Persistent Threat (APT) attacks in South Korea by utilizing their own infrastructure. This report covers the classification, statistics, and features of APT attacks in South Korea that were identified in October 2025. Figure 1. Statistics of APT attacks in South Korea in October 2025
Distribution of Malware Abusing LogMeIn and PDQ Connect
AhnLab SEcurity intelligence Center (ASEC) recently identified cases of attacks abusing the RMM (Remote Monitoring and Management) tools LogMeIn Resolve (GoTo Resolve) and PDQ Connect. While the initial distribution method is unknown, the attacks involve a legitimate-looking website that disguises the malware as a normal program. When a user downloads
September 2025 APT Attack Trends Report (South Korea)
Overview Ahnlabs is monitoring APT (Advanced Persistent Threat) attacks in South Korea by utilizing their own infrastructure. This report covers the classification, statistics, and features of APT attacks in South Korea that were identified in September 2025. Figure 1. Statistics of APT attacks in September 2025 In Korea, most
