June 2025 APT Attack Trends Report (South Korea)
Overview AhnLab has been using AhnLab Smart Defense (ASD) to monitor advanced persistent threat (APT) attacks against targets in Korea. This report will cover the types and statistics of APT attacks in Korea during June 2025 as well as features for each type. Figure 1. June 2025 statistics
Distribution of PebbleDash Malware in March 2025
PebbleDash is a backdoor malware that was previously identified by the Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. as a backdoor malware of Lazarus (Hidden Corba) in 2020. At the time, it was known as the malware of the Lazarus group, but recently, there have been more cases
BeaverTail and Tropidoor Malware Distributed via Recruitment Emails
On November 29, 2024, a case was disclosed in which threat actors impersonated a recruitment email from a developer community called Dev.to to distribute malware. [1] In this case, the attacker provided a BitBucket link containing a project, and the victim discovered malicious code within the project and disclosed it
January 2025 Threat Trend Report on APT Attacks (South Korea)
Overview AhnLab is monitoring Advanced Persistent Threat (APT) attacks in South Korea using its own infrastructure. This report covers the classification and statistics of APT attacks in South Korea that have been identified over the course of a month in January 2025, as well as the features of each attack
December 2024 Threat Trend Report on APT Attacks (South Korea)
Overview AhnLab has been using AhnLab Smart Defense (ASD) to monitor advanced persistent threat (APT) attacks against targets in South Korea. This report will cover the types and statistics of APT attacks in South Korea during December 2024 as well as features for each type. Figure 1. December 2024 statistics
November 2024 Threat Trend Report on APT Attacks (South Korea)
Overview AhnLab has been using AhnLab Smart Defense (ASD) to monitor advanced persistent threat (APT) attacks against targets in Korea. This report will cover the types and statistics of APT attacks in Korea during November 2024 as well as features of each type. Figure 1. November 2024 statistics on
2024 MSC Malware Trend Report
With the decrease in distribution of MS Office document-type malware, the distribution of malware in various formats such as LNK and CHM is on the rise. In the second quarter of this year, malware in the MSC (snap-ins/Management Saved Console) file format used in Microsoft Management Console (MMC) was identified.
October 2024 Threat Trend Report on APT Attacks (South Korea)
Overview AhnLab has been using AhnLab Smart Defense (ASD) to monitor advanced persistent threat (APT) attacks against targets in Korea. This report will cover the types and statistics of APT attacks in Korea during October 2024 as well as features of each type. Figure 1. October 2024
Analysis Report on the Latest Attack Cases by Kimsuky Group Exploiting PebbleDash and RDP Wrapper
Analysis Overview AhnLab SEcurity intelligence Center (ASEC) recently identified that the Kimsuky group is using the backdoor PebbleDash and RDP Wrapper in multiple attacks. The threat actor uses LNK during initial access to install PowerShell malware on the infected system. Once this process is complete, they install custom-made remote control
Larva-24009 Threat Actor’s Spear Phishing Attack Case Report
AhnLab SEcurity intelligence Center (ASEC) recently confirmed that the Larva-24009 threat actor is carrying out spear phishing attacks targeting Korean users. The threat actor has been active since around 2023 and has been primarily using spear phishing attacks targeting global users. Yet it has been recently confirmed that there are
