Statistical Report on Malware Targeting Linux SSH Servers in Q4 2024

Overview: AhnLab SEcurity intelligence Center (ASEC) conducts response and classification of brute force or dictionary attacks targeting poorly managed Linux SSH servers using honeypots. This report will cover the status of attack sources identified in the fourth quarter of 2024 based on logs, as well as statistics on attacks performed

Supershell Malware Being Distributed to Linux SSH Servers

AhnLab SEcurity intelligence Center (ASEC) has recently discovered an attack case installing the Supershell backdoor on inadequately managed Linux SSH servers. Created by a Chinese-speaking developer, Supershell is developed in the Go language and supports various platforms including Windows, Linux, and Android. Its primary function is a reverse shell, which

Binary Managed Object File (BMOF) Distributing XMRig CoinMiner (Detected by MDS)

This blog post introduces Binary Managed Object Files (BMOFs) and cases where XMRig CoinMiner is distributed through them. Binary Managed Object File (BMOF): Binary Managed Object File (BMOF) is a compiled version of Managed Object File (MOF), which is used for defining and managing information related to Windows

Warning Against the Distribution of Malware Disguised as Software Cracks (Disrupts V3 Lite Installation)

AhnLab SEcurity intelligence Center (ASEC) has previously introduced the dangers of malware disguised as crack programs through a post titled “Distribution of Malware Under the Guise of MS Office Cracked Versions (XMRig, OrcusRAT, etc.)”. [1] Malware strains disguised as crack programs are primarily distributed through file-sharing platforms, blogs, and torrents, leading

Analysis Report on Malware – Disguised as Cracked Programs Targeting Korean Users

Overview: AhnLab SEcurity intelligence Center (ASEC) has discussed cases of Remote Access Trojan (RAT) and bitcoin miner attacks targeting Korean users in our ASEC blog post, “Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack[1].” Until recently, the attacker has been creating and distributing malware, and more