Warning Against Infostealer Infections Upon Executing Legitimate EXE Files (DLL Hijacking)
Caution is advised as an Infostealer that prompts the execution of legitimate EXE files is actively being distributed. The threat actor is distributing a legitimate EXE file with a valid signature and a malicious DLL compressed in the same directory. The EXE file itself is legitimate, but when executed in
Tracking and Responding to AgentTesla Using EDR
AhnLab Security Emergency response Center (ASEC) has been uploading a summary of weekly malware statistics every week. https://asec.ahnlab.com/en/53647/ This post will cover how EDR is used to detect, track, and respond to AgentTesla, an Infostealer continuously being distributed among the malware mentioned in the post above. AgentTesla is an Infostealer
Phishing Site Targeting Domestic E-mail Service Users (Part 2)
The ASEC analysis team has been sharing information about various phishing e-mails in the ASEC blog. This time, the team aims to inform users about another discovered phishing site that targets domestic e-mail service users to distribute malware. The recently confirmed phishing site targets Naver Mail (mail.naver), Daum Mail (mail2.daum),
