April 2026 Infostealer Trend Report
Content this report summarizes the trends of new Infostealers collected during the month of April 2026, including distribution channels, malware distribution, malware quantity, detection quantity, and disguised targets. the data collected is based on ASEC’s Automated Data Collection System, Email Honeypot System, and AhnLab product detection results. Purpose and Scope
January 2026 Infostealer Trend Report
This report provides statistics, trends, and case information regarding the distribution quantity, distribution methods, and obfuscation techniques of Infostealer malware collected and analyzed during the month of January 2026. Below is a summary of the original report content. 1) Data Sources and Collection Methods AhnLab Security Intelligence Center (ASEC)
2025 Ransomware Threat Landscape: Impact on Korean Enterprises
Overview and Background The number of ransomware attacks has been increasing worldwide in recent years, and Korean companies are not exempt from this trend. The situation is particularly acute in Asia, where ransomware attacks have surged since 2023. This growing trend has prompted a need for a systematic analysis
June 2025 Infostealer Trend Report
This report provides statistics, trends, and case information on Infostealer malware including the distribution volume, distribution methods, and disguises based on the data collected and analyzed in June 2025. The following is a summary of the report. 1) Data Sources and Collection Methods AhnLab SEcurity intelligence Center (ASEC)
March 2025 Infostealer Trend Report
This report provides statistics, trends, and case information on the distribution quantity, distribution methods, and disguise techniques of Infostealer collected and analyzed during March 2025. Below is a summary of the report. 1. Data Sources and Collection Methods To proactively repond to Infostealer, AhnLab SEcurity intelligence Center (ASEC)
February 2025 Infostealer Trend Report
This report provides statistics, trends, and case information on the distribution quantity, distribution methods, and disguise techniques of Infostealer collected and analyzed during February 2025. Below is a summary of the report. 1. Data Sources and Collection Methods To proactively repond to Infostealer, AhnLab SEcurity intelligence Center (ASEC)
Infostealer Logs Analysis Report
Notice The Infostealer Logs analysis report is a report that analyzes various Infostealer logs (RedLine, Raccoon, Vidar, Meta, etc.) collected from the deep and dark web including Telegram. Please note that the source and content of the report cannot be verified in part. Infostealer Logs Analysis Report
Threat Actors Hack YouTube Channels to Distribute Infostealers (Vidar and LummaC2)
AhnLab SEcurity intelligence Center (ASEC) recently found that there are a growing number of cases where threat actors use YouTube to distribute malware. The attackers do not simply create YouTube channels and distribute malware—they are stealing well-known channels that already exist to achieve their goal. In one of the cases,
Warning Against Infostealer Disguised as Installer
The StealC malware disguised as an installer is being distributed en masse. It was identified as being downloaded via Discord, GitHub, Dropbox, etc. Considering the cases of distribution using similar routes, it is expected to redirect victims multiple times from a malicious webpage disguised as a download page for a
Distribution of LockBit Ransomware and Vidar Infostealer Disguised as Resumes
The distribution method involving the impersonation of resumes is one of the main methods used by the LockBit ransomware. Information related to this has been shared through the ASEC Blog in February of this year. [1] In contrast to the past where only the LockBit ransomware was distributed, it has
