Statistics Report on Malware Targeting Windows Web Servers in Q4 2025
AhnLab SEcurity intelligence Center (ASEC) is using the AhnLab Smart Defense (ASD) infrastructure to respond to and categorize attacks targeting poorly managed Windows web servers. This post will cover the damage status of Windows web servers that have become attack targets and the statistics of attacks that occurred against these
Statistical Report on Malware Targeting Windows Web Servers in Q2 2025
Overview AhnLab SEcurity intelligence Center (ASEC) is using the AhnLab Smart Defense (ASD) infrastructure to respond to and categorize attacks against poorly managed Windows web servers. This report covers the current state of damage to Windows web servers which had become the target of attacks based on the logs identified
Statistical Report on Malware Targeting Windows Web Servers in Q1 2025
Overview AhnLab SEcurity intelligence Center (ASEC) responds to and classifies attacks that target inappropriately managed Windows web servers by utilizing the AhnLab Smart Defense (ASD) infrastructure. This post covers the damage status of Windows web servers that have been targeted in attacks and provides statistics on the attacks based on
Analysis of Lazarus Group’s Attack on Windows Web Servers
AhnLab SEcurity intelligence Center (ASEC) has identified attack cases of the Lazarus group breaching a normal server and using it as a C2. Attacks that install a web shell and C2 script on South Korean web servers continue to occur. Additionally, there are cases where LazarLoader malware and privilege escalation
Statistical Report on Malware Targeting Windows Web Servers in Q4 2024
Overview AhnLab SEcurity intelligence Center (ASEC) responds to and classifies attacks that target inappropriately managed Windows web servers by utilizing the AhnLab Smart Defense (ASD) infrastructure. This post covers the damage status of Windows web servers that have been targeted in attacks and provides statistics on the attacks based on
Analysis Report on Larva-24011 Threat Actor’s Latest Attack Trend
1. Overview The Larva-24011 threat actor is targeting vulnerable systems to install CoinMiner and proxyware for financial gain. AhnLab Security Intelligence Center (ASEC) has recently observed that besides installing CoinMiner and proxyware, the threat actor is engaging in more attack cases of controlling infected systems and exfiltrating information such as
Statistical Report on Malware Targeting Windows Web Servers in Q3 2024
OverviewStatistics1. Status of Attacks Against Windows Web Servers 2. Categorization of Malware Used in Attacks 2.1. Privilege Escalation Tools 2.2. Hacking Tools 2.3. Backdoor 2.4. CoinMiner 3. Statistics on Web Shells Used in Attacks 3.1. Web Shell Statistics 4. Cases of Attacks in Q3 2024 Conclusion Overview AhnLab SEcurity intelligence Center (ASEC)
Analysis Report on APT Attack Cases Using noMu Backdoor
AhnLab SEcurity intelligence Center (ASEC) has recently identified attack cases where an unknown threat actor installed various remote control malware targeting Korean users and systems. The threat actor used a range of reverse shells, backdoors, and VNC malware strains, and also utilized RDP for remote screen control. Among the malware
Statistical Report on Malware Targeting Windows Web Servers in Q2 2024
Overview AhnLab SEcurity intelligence Center (ASEC) uses the AhnLab Smart Defense (ASD) infrastructure to respond to and classify attacks on poorly managed Windows web servers. This report covers the current state of damage to Windows web servers which have become the target of attacks based on the logs identified
Statistical Report on Malware Targeting Windows Web Servers in Q1 2024
Overview AhnLab SEcurity intelligence Center (ASEC) uses the AhnLab Smart Defense (ASD) infrastructure to respond to and classify attacks on poorly managed Windows web servers. This report covers the current state of damage to Windows web servers which have become the target of attacks based on the logs identified
