webhard

Monero CoinMiner Being Distributed via Webhards

Webhards are the main platforms that the attackers targeting Korean users exploit to distribute malware. The ASEC analysis team has been monitoring malware types distributed through webhards and uploaded multiple blog posts about them in the past. Generally, attackers distribute malware with illegal programs such as adult games and crack versions of games. Those who use webhards as a distribution path typically install RAT type malware such as njRAT, UdpRAT, and DDoS IRC Bot. The team has recently discovered the…

BitRAT Disguised as Windows Product Key Verification Tool Being Distributed

The ASEC analysis team has recently discovered BitRAT which is being distributed via webhards. Because the attacker disguised the malware as Windows 10 license verification tool from the development stage, users who download illegal crack tools from webhard and install it to verify Windows license are at risk of having BitRAT installed into their PC. The following shows a post that was uploaded to webhard, one that harbors the malware. The title is [New][Quick Install]Windows License Verification[One-click]. A compressed file…

njRAT Being Distributed via Webhards

Webhards is a platform used to distribute malware, and it is mainly used by attackers that mainly target Korean users. The ASEC analysis team has been monitoring malware types distributed through webhards and has uploaded multiple blog posts about them in the past. Various types of malware are used recently such as UdpRat or DDoS IRC Bot developed with GoLang, but njRAT had been used in multiple attacks in the past. njRAT Malware Distributed via Major Korean Webhard 파일 공유…

DDoS IRC Bot Malware (GoLang) Being Distributed via Webhards

While monitoring the distribution source of malware in Korea, the ASEC analysis team has discovered that DDoS IRC Bot strains disguised as adult games are being installed via webhards. Webhards are platforms commonly used for the distribution of malware in Korea, where njRAT and UDP Rat were distributed in the past. UDP RAT Malware Being Distributed via Webhards The cases that are recently being discovered are similar to the case discussed in the post above, and it appears that the…

UDP RAT Malware Being Distributed via Webhards

While monitoring the distribution source of malware in Korea, the ASEC analysis team found that UDP RAT malware disguised as an adult game is being distributed via webhards. Webhards and torrents are platforms commonly used for the distribution of malware in Korea. Attackers normally use easily obtainable malware such as njRAT and UDP RAT and disguise them as normal programs such as games or adult content for distribution. Similar cases were introduced in the previous ASEC blogs multiple times: – njRAT…