xRAT (QuasarRAT) Malware Being Distributed Through Webhard (Adult Games)
AhnLab SEcurity intelligence Center (ASEC) recently discovered that the xRAT (QuasarRAT) malware is being distributed through a webhard disguised as an adult game. In Korea, webhard services are one of the most commonly used platforms for distributing malware. Typically, threat actors use malware that are easily accessible, such as
Distribution of Malware Under the Guise of MS Office Cracked Versions (XMRig, OrcusRAT, etc.)
Through a post titled “Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack” [1], AhnLab SEcurity intelligence Center (ASEC) previously disclosed an attack case in which a threat actor distributed RAT and CoinMiner to Korean users. Until recently, the attacker created and distributed various malware strains, such as
Analysis Report on Malware – Disguised as Cracked Programs Targeting Korean Users
Overview AhnLab SEcurity intelligence Center (ASEC) has discussed cases of Remote Access Trojan (RAT) and bitcoin miner attacks targeting Korean users in our ASEC blog post, “Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack[1].” Until recently, the attacker has been creating and distributing malware, and more
Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack
The ASEC analysis team recently identified Orcus RAT being distributed on file-sharing sites disguised as a cracked version of Hangul Word Processor. The threat actor that distributed this malware is the same person that distributed BitRAT and XMRig CoinMiner disguised as a Windows license verification tool on file-sharing sites.[1] The malware
BitRAT Disguised as Windows Product Key Verification Tool Being Distributed
The ASEC analysis team has recently discovered BitRAT which is being distributed via webhards. Because the attacker disguised the malware as Windows 10 license verification tool from the development stage, users who download illegal crack tools from webhard and install it to verify Windows license are at risk of having
njRAT Being Distributed via Webhards
Webhards is a platform used to distribute malware, and it is mainly used by attackers that mainly target Korean users. The ASEC analysis team has been monitoring malware types distributed through webhards and has uploaded multiple blog posts about them in the past. Various types of malware are used recently
DDoS IRC Bot Malware (GoLang) Being Distributed via Webhards
While monitoring the distribution source of malware in Korea, the ASEC analysis team has discovered that DDoS IRC Bot strains disguised as adult games are being installed via webhards. Webhards are platforms commonly used for the distribution of malware in Korea, where njRAT and UDP Rat were distributed in the
