Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-17AhnLabASEC
@online{asec:20230317:shellbot:93d3ae5, author = {ASEC}, title = {{ShellBot Malware Being Distributed to Linux SSH Servers}}, date = {2023-03-17}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/49769/}, language = {English}, urldate = {2023-03-20} } ShellBot Malware Being Distributed to Linux SSH Servers
PerlBot
2023-03-09ASECSanseo
@online{sanseo:20230309:plugx:4683b0e, author = {Sanseo}, title = {{PlugX Malware Being Distributed via Vulnerability Exploitation}}, date = {2023-03-09}, organization = {ASEC}, url = {https://asec.ahnlab.com/en/49097/}, language = {English}, urldate = {2023-03-17} } PlugX Malware Being Distributed via Vulnerability Exploitation
PlugX
2023-03-08AhnLabASEC
@online{asec:20230308:globeimposter:2a15455, author = {ASEC}, title = {{GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP}}, date = {2023-03-08}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/48940/}, language = {English}, urldate = {2023-03-20} } GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP
GlobeImposter MedusaLocker
2023-02-15AhnLabASEC
@online{asec:20230215:paradise:0db313d, author = {ASEC}, title = {{Paradise Ransomware Distributed Through AweSun Vulnerability Exploitation}}, date = {2023-02-15}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/47590/}, language = {English}, urldate = {2023-03-20} } Paradise Ransomware Distributed Through AweSun Vulnerability Exploitation
Paradise
2023-02-06AhnLabASEC
@online{asec:20230206:sliver:4683d40, author = {ASEC}, title = {{Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations}}, date = {2023-02-06}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/47088/}, language = {English}, urldate = {2023-03-20} } Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations
Sliver
2023-01-13AhnLabASEC
@online{asec:20230113:orcus:49e1676, author = {ASEC}, title = {{Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack}}, date = {2023-01-13}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/45462/}, language = {English}, urldate = {2023-03-20} } Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack
Orcus RAT
2023-01-06AhnLabASEC
@online{asec:20230106:distribution:dd88acd, author = {ASEC}, title = {{Distribution of NetSupport RAT Malware Disguised as a Pokemon Game}}, date = {2023-01-06}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/45312/}, language = {English}, urldate = {2023-03-20} } Distribution of NetSupport RAT Malware Disguised as a Pokemon Game
NetSupportManager RAT
2022-12-22ASECAhnLab
@online{ahnlab:20221222:qakbot:9e92461, author = {AhnLab}, title = {{Qakbot Being Distributed via Virtual Disk Files (*.vhd)}}, date = {2022-12-22}, organization = {ASEC}, url = {https://asec.ahnlab.com/en/44662/}, language = {English}, urldate = {2022-12-24} } Qakbot Being Distributed via Virtual Disk Files (*.vhd)
QakBot
2022-11-11AhnLabASEC
@online{asec:20221111:magniber:7426c1e, author = {ASEC}, title = {{Magniber Ransomware Attempts to Bypass MOTW (Mark of the Web)}}, date = {2022-11-11}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41889/}, language = {English}, urldate = {2022-11-15} } Magniber Ransomware Attempts to Bypass MOTW (Mark of the Web)
Magniber
2022-11-10AhnLabASEC
@online{asec:20221110:penetration:d92badf, author = {ASEC}, title = {{Penetration and Distribution Method of Gwisin Attacker}}, date = {2022-11-10}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41565/}, language = {English}, urldate = {2022-11-11} } Penetration and Distribution Method of Gwisin Attacker
Gwisin
2022-11-08AhnLabASEC
@online{asec:20221108:lockbit:6acb17e, author = {ASEC}, title = {{LockBit 3.0 Being Distributed via Amadey Bot}}, date = {2022-11-08}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41450/}, language = {English}, urldate = {2022-11-09} } LockBit 3.0 Being Distributed via Amadey Bot
Amadey Gandcrab LockBit
2022-11-02ASECASEC
@online{asec:20221102:appleseed:0cc5b91, author = {ASEC}, title = {{Appleseed Being Distributed to Nuclear Power Plant-Related Companies}}, date = {2022-11-02}, organization = {ASEC}, url = {https://asec.ahnlab.com/en/41015/}, language = {English}, urldate = {2022-11-03} } Appleseed Being Distributed to Nuclear Power Plant-Related Companies
Appleseed
2022-10-24AhnLabASEC Analysis Team
@online{team:20221024:malware:495a611, author = {ASEC Analysis Team}, title = {{Malware infection case of Lazarus attack group that neutralizes antivirus program with BYOVD technique}}, date = {2022-10-24}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/40495/}, language = {Korean}, urldate = {2022-10-25} } Malware infection case of Lazarus attack group that neutralizes antivirus program with BYOVD technique
LazarDoor
2022-10-12AhnLabASEC Analysis Team
@online{team:20221012:lazarus:871078f, author = {ASEC Analysis Team}, title = {{Lazarus Group Uses the DLL Side-Loading Technique (mi.dll)}}, date = {2022-10-12}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/39828/}, language = {Korean}, urldate = {2022-10-14} } Lazarus Group Uses the DLL Side-Loading Technique (mi.dll)
2022-10-11AhnLabASEC Analysis Team
@online{team:20221011:from:a35b468, author = {ASEC Analysis Team}, title = {{From Exchange Server vulnerability to ransomware infection in just 7 days}}, date = {2022-10-11}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/39682/}, language = {Korean}, urldate = {2022-10-11} } From Exchange Server vulnerability to ransomware infection in just 7 days
LockBit MimiKatz
2022-09-23AhnLabASEC
@online{asec:20220923:fargo:35c7da4, author = {ASEC}, title = {{FARGO Ransomware (Mallox) Being Distributed to Unsecured MS-SQL Servers}}, date = {2022-09-23}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/39152/}, language = {English}, urldate = {2022-12-14} } FARGO Ransomware (Mallox) Being Distributed to Unsecured MS-SQL Servers
TargetCompany
2022-09-22AhnLabAhnLab ASEC Analysis Team
@techreport{team:20220922:analysis:9dea34b, author = {AhnLab ASEC Analysis Team}, title = {{Analysis Report on Lazarus Group's Rootkit Attack Using BYOVD}}, date = {2022-09-22}, institution = {AhnLab}, url = {https://asec.ahnlab.com/wp-content/uploads/2022/09/Analysis-Report-on-Lazarus-Groups-Rootkit-Attack-Using-BYOVD_Sep-22-2022.pdf}, language = {English}, urldate = {2022-12-29} } Analysis Report on Lazarus Group's Rootkit Attack Using BYOVD
FudModule
2022-09-15AquasecAssaf Morag, Asaf Eitani
@online{morag:20220915:threat:b35ec09, author = {Assaf Morag and Asaf Eitani}, title = {{Threat Alert: New Malware in the Cloud By TeamTNT}}, date = {2022-09-15}, organization = {Aquasec}, url = {https://blog.aquasec.com/new-malware-in-the-cloud-by-teamtnt}, language = {English}, urldate = {2022-09-19} } Threat Alert: New Malware in the Cloud By TeamTNT
Tsunami
2022-08-08AhnLabASEC Analysis Team
@online{team:20220808:monero:368d22b, author = {ASEC Analysis Team}, title = {{Monero CoinMiner Being Distributed via Webhards}}, date = {2022-08-08}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/37526/}, language = {English}, urldate = {2023-01-19} } Monero CoinMiner Being Distributed via Webhards
Monero Miner
2022-08-03AhnLabASEC Analysis Team
@online{team:20220803:gwisin:b89efa2, author = {ASEC Analysis Team}, title = {{Gwisin Ransomware Targeting Korean Companies}}, date = {2022-08-03}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/37483}, language = {English}, urldate = {2022-08-30} } Gwisin Ransomware Targeting Korean Companies
Gwisin