ViperSoftX Malware Distributed by Arabic-Speaking Threat Actor
AhnLab SEcurity intelligence Center (ASEC) uncovered that attackers, suspected to be Arabic speakers, have been distributing ViperSoftX malware targeting Korean victims since April 1, 2025. ViperSoftX is typically spread through cracked software or torrents, masquerading as legitimate programs. The main characteristic of ViperSoftX is that it operates as a PowerShell
Distribution of Malware Under the Guise of MS Office Cracked Versions (XMRig, OrcusRAT, etc.)
Through a post titled “Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack” [1], AhnLab SEcurity intelligence Center (ASEC) previously disclosed an attack case in which a threat actor distributed RAT and CoinMiner to Korean users. Until recently, the attacker created and distributed various malware strains, such as
Analysis Report on Malware – Disguised as Cracked Programs Targeting Korean Users
Overview AhnLab SEcurity intelligence Center (ASEC) has discussed cases of Remote Access Trojan (RAT) and bitcoin miner attacks targeting Korean users in our ASEC blog post, “Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack[1].” Until recently, the attacker has been creating and distributing malware, and more
