Attack Cases of CoinMiners Mining Ethereum Classic Coins

The ASEC analysis team is monitoring CoinMiners that are targeting Korean and overseas users. We have covered cases of various types of CoinMiner attacks over multiple blog posts in the past. This post aims to introduce the recently discovered malware that mine Ethereum Classic coins.

0. Overview

CoinMiners are installed

Vidar Stealer Exploiting Various Platforms

Vidar Malware is one of the active Infostealers, and its distribution has been significantly increasing. Its characteristics include the use of famous platforms such as Telegram and Mastodon as an intermediary C2. The link below is a post about a case where malicious behaviors were performed using Mastodon. Vidar Exploiting

Vidar Exploiting Social Media Platform (Mastodon)

The ASEC analysis team has recently discovered that Vidar is exploiting a social media platform named Mastodon to create C&C server addresses.

[Figure: Mastodon website]

Vidar is an info-stealer malware installed through spam emails and PUP, sometimes being disguised as a KMSAuto authenticator tool. It has been consistently distributed since

Info-leaking Malware Distributed Through Google Keyword Search

The ASEC analysis team has previously dealt with BeamWinHTTP malware being distributed through adware and PUP programs. When users install cracks and keygens by downloading the installers from the phishing page, various PUP programs and BeamWinHTTP malware are installed together. BeamWinHTTP additionally installs info-leaking malware (info-stealers). When users search with