Phishing Emails Impersonating the National Tax Service (NTS)
AhnLab SEcurity intelligence Center (ASEC) has recently identified phishing emails impersonating the tax authority in Korea called National Tax Service (NTS, also known as Hometax). The email body is disguised as the contents of an electronic tax invoice, and the recipient is asked to open the attached HTML file for
SVG Phishing Malware Being Distributed with Analysis Obstruction Feature
AhnLab SEcurity intelligence Center (ASEC) recently identified a phishing malware being distributed in Scalable Vector Graphics (SVG) format. SVG is an XML-based vector image file format commonly used for icons, logos, charts, and graphs, and it allows the use of CSS and JS scripts within the code. In November 2024,
Trends Report on Phishing Emails in February 2025
1. Statistics on Attachment Threats in February 2025 In February 2025, the most prevalent threat type among phishing email attachments was Phishing (78%). This is the type where threat actors use HTML and other scripts to mimic login pages, advertising page layouts, logos, and fonts to create deceptive pages that
Phishing Email Attacks by the Larva-24005 Group Targeting Japan
AhnLab SEcurity intelligence Center (ASEC) has identified the behavior of Larva-24005 breaching servers in Korea and then establishing a web server, database, and PHP environment for sending phishing emails. Larva-24005 is using the attack base to target not only South Korea but also Japan. The main targets are those
Trends Report on Phishing Emails in January 2025
Statistics on Attachment Threat Types Statistics on Attachment Threats in January 2025 In January 2025, the most prevalent threat type among phishing email attachments was Phishing (48%). This is the type where threat actors use HTML and other scripts to mimic login pages, advertising page layouts, logos, and fonts
Warning Against ModiLoader (DBatLoader) Spreading via MS Windows CAB Header Batch File (*.cmd)
In December 2024, AhnLab SEcurity intelligence Center (ASEC) identified the distribution of malware using MS Windows CAB header batch file (*.cmd) with AhnLab’s email honeypot. The malware known as ModiLoader (DBatLoader) was being distributed through purchase orders (PO). The difference from the past cases is that while the current
Statistical Report on Phishing Emails in Q4 2024
Overview AhnLab SEcurity intelligence Center (ASEC) uses the AhnLab Smart Defense (ASD) infrastructure to respond to and classify attacks on poorly managed Windows web servers. This report covers the current state of damage to Windows web servers which had become the target of attacks based on the logs identified in
Increase in Distribution of AutoIt Compile Malware via Phishing Emails
Overview AhnLab SEcurity intelligence Center (ASEC) releases weekly information about malware distributed via phishing emails under the title “Weekly Phishing Email Distribution Cases” on the ASEC Blog. While .NET-based malware was previously the most common type in EXE file distributions, there has been a recent surge in malware created
Trend Report on Phishing Malware Impersonating the National Tax Service (NTS)
There is a noticeable increase in phishing emails impersonating the National Tax Service (NTS) whenever it is time to file value-added tax (VAT) and other taxes. AhnLab SEcurity intelligence Center (ASEC) has been alerting users to this threat by distributing relevant content. Phishing cases impersonating the National Tax Service
Warning Against Phishing Emails Impersonating Major Korean Entertainment Agencies
AhnLab SEcurity Intelligence Center (ASEC) releases weekly and quarterly phishing email statistical reports on the ASEC blog, with fake login, delivery, and purchase order request types being the most common. However, it has been confirmed that phishing emails impersonating major Korean entertainment agencies have recently been distributed in Korea. The
