Joint Analysis by AhnLab and NCSC on TA-ShadowCricket: Emerging Malware Trends and IRC Server Tracking
AhnLab and the National Cyber Security Center (NCSC) have released a report that details the activities of the TA-ShadowCricket group from 2023 to the present. Full Report: (APT Group Tracking Report) TA-ShadowCricket_2025.05.23.pdf Since November 2024, AhnLab has been working with the NCSC to analyze the malicious IRC
Case of Attack Targeting MS-SQL Servers Abusing GotoHTTP
AhnLab SEcurity intelligence Center (ASEC) has been monitoring MS-SQL servers that are being managed inappropriately and recently discovered an attack case abusing GotoHTTP. 1. GotoHTTP Remote control tools are used to control systems remotely, providing features such as remote desktop and file transfer. AnyDesk, ToDesk, RuDesktop, TeamViewer, and
Analysis of CLR SqlShell Used to Attack MS-SQL Servers
This blog post will analyze the CLR SqlShell malware that is being used to target MS-SQL servers. Similar to WebShell, which can be installed on web servers, SqlShell is a malware strain that supports various features after being installed on an MS-SQL server, such as executing commands from threat actors
