Remcos RAT Being Distributed to Korean Users
AhnLab SEcurity intelligence Center (ASEC) has confirmed the RAT distribution of the Remcos RAT targeting users in South Korea. While the original distribution pages remain unknown, the malware appears to masquerade as VeraCrypt installers or software associated with illegal gambling websites. 1. Malware Distribution One of the initial malware
Makop Ransomware Identified in Attacks in South Korea
AhnLab SEcurity intelligence Center (ASEC) recently identified cases of Makop ransomware attacks targeting South Korean users. The Makop ransomware has been distributed to South Korean users by disguising as resumes or emails related to copyrights for several years. Recently, it has been reported that the ransomware is exploiting RDP for
Detecting Akira Ransomware Attack Using AhnLab EDR
Akira is a relatively new ransomware threat actor that has been active since March 2023. Like other ransomware threat actors, they breach organizations and not only encrypt their files but also exfiltrate sensitive information to use in negotiations. As shown in the following 2024 statistics, the number of companies affected
Info-Stealer Malware Disguised as Illegal Pornography Being Distributed via Discord
The ASEC analysis team recently found an info-stealing malware that is being distributed via Discord messenger. The malware which is spread through Discord uses the Discord API to send the stolen information to the attacker. FYI, the Discord type method was introduced in the ASEC blog before. https://asec.ahnlab.com/en/19343/ The Discord
