Analysis of Attack Cases Against Korean Solutions by the Andariel Group (SmallTiger)
The Andariel group has been attacking various software used by South Korean companies since the past [1]. Notably, these include asset management solutions and data loss prevention (DLP) solutions, and vulnerability attack cases have also been identified in various other solutions. Attack cases by the Andariel group are continuing in
SmallTiger Malware Used in Attacks Against South Korean Businesses (Kimsuky and Andariel)
AhnLab SEcurity intelligence Center (ASEC) is responding to recently discovered cases that are using the SmallTiger malware to attack South Korean businesses. The method of initial access has not yet been identified, but the threat actor distributed SmallTiger into the companies’ systems during the lateral movement phase. South Korean defense
