5 matches found
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services IIS servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center ASEC, which detailed the advanced...
Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions
South Korean education, construction, diplomatic, and political institutions are at the receiving end of new attacks perpetrated by a China-aligned threat actor known as the Tonto Team. "Recent cases have revealed that the group is using a file related to anti-malware products to ultimately execu...
PseudoManuscrypt Malware Spreading the Same Way as CryptBot Targets Koreans
Numerous Windows machines located in South Korea have been targeted by a botnet tracked as PseudoManuscrypt since at least May 2021 by employing the same delivery tactics of another malware called CryptBot. "PseudoManuscrypt is disguised as an installer that is similar to a form of CryptBot, and ...
DDoS IRC Bot Malware Spreading Through Korean WebHard Platforms
An IRC Internet Relay Chat bot strain programmed in GoLang is being used to launch distributed denial-of-service DDoS attacks targeting users in Korea. "The malware is being distributed under the guise of adult games," researchers from AhnLab's Security Emergency-response Center ASEC said in a ne...
vold asec
Insufficient paramter checking for asec container creation allows an asec container to be mounted over part of the filesystem using directory traversal if the app has the ASEC permissions such as ASECCREATE There is an adb tethered root explot for motorola phones...