XLoader Executed Through JAR Signing Tool (jarsigner.exe)
Recently, AhnLab SEcurity intelligence Center (ASEC) identified the distribution of XLoader malware using the DLL side-loading technique. The DLL side-loading attack technique saves a normal application and a malicious DLL in the same folder path to enable the malicious DLL to also be executed when the application is run. The
Threat Trend Report on APT Attacks – July 2024 Major Issues on APT Attacks in South Korea
This report covers classification and statistics on APT domestic attacks confirmed during the month of July 2024 and introduces the functions of each type. Below is a summary of some of the information. [Table of Contents] Overview Trends of APT Attacks in Korea Spear Phishing Attacks Using LNK Files Attacks Using
Warning Against the Distribution of Malware Disguised as Software Cracks (Disrupts V3 Lite Installation)
AhnLab SEcurity intelligence Center (ASEC) has previously introduced the dangers of malware disguised as crack programs through a post titled “Distribution of Malware Under the Guise of MS Office Cracked Versions (XMRig, OrcusRAT, etc.)”. [1] Malware strains disguised as crack programs are primarily distributed through file-sharing platforms, blogs, and torrents, leading
Warning Against Infostealer Infections Upon Executing Legitimate EXE Files (DLL Hijacking)
Caution is advised as an Infostealer that prompts the execution of legitimate EXE files is actively being distributed. The threat actor is distributing a legitimate EXE file with a valid signature and a malicious DLL compressed in the same directory. The EXE file itself is legitimate, but when executed in
