Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-11-11AhnLabASEC
@online{asec:20221111:magniber:7426c1e, author = {ASEC}, title = {{Magniber Ransomware Attempts to Bypass MOTW (Mark of the Web)}}, date = {2022-11-11}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41889/}, language = {English}, urldate = {2022-11-15} } Magniber Ransomware Attempts to Bypass MOTW (Mark of the Web)
Magniber
2022-11-10AhnLabASEC
@online{asec:20221110:penetration:d92badf, author = {ASEC}, title = {{Penetration and Distribution Method of Gwisin Attacker}}, date = {2022-11-10}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41565/}, language = {English}, urldate = {2022-11-11} } Penetration and Distribution Method of Gwisin Attacker
Gwisin
2022-11-08AhnLabASEC
@online{asec:20221108:lockbit:6acb17e, author = {ASEC}, title = {{LockBit 3.0 Being Distributed via Amadey Bot}}, date = {2022-11-08}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41450/}, language = {English}, urldate = {2022-11-09} } LockBit 3.0 Being Distributed via Amadey Bot
Amadey Gandcrab LockBit
2022-10-24AhnLabASEC Analysis Team
@online{team:20221024:malware:495a611, author = {ASEC Analysis Team}, title = {{Malware infection case of Lazarus attack group that neutralizes antivirus program with BYOVD technique}}, date = {2022-10-24}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/40495/}, language = {Korean}, urldate = {2022-10-25} } Malware infection case of Lazarus attack group that neutralizes antivirus program with BYOVD technique
LazarDoor
2022-10-12AhnLabASEC Analysis Team
@online{team:20221012:lazarus:871078f, author = {ASEC Analysis Team}, title = {{Lazarus Group Uses the DLL Side-Loading Technique (mi.dll)}}, date = {2022-10-12}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/39828/}, language = {Korean}, urldate = {2022-10-14} } Lazarus Group Uses the DLL Side-Loading Technique (mi.dll)
2022-10-11AhnLabASEC Analysis Team
@online{team:20221011:from:a35b468, author = {ASEC Analysis Team}, title = {{From Exchange Server vulnerability to ransomware infection in just 7 days}}, date = {2022-10-11}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/39682/}, language = {Korean}, urldate = {2022-10-11} } From Exchange Server vulnerability to ransomware infection in just 7 days
LockBit MimiKatz
2022-09-22AhnLabAhnLab ASEC Analysis Team
@techreport{team:20220922:analysis:9dea34b, author = {AhnLab ASEC Analysis Team}, title = {{Analysis Report on Lazarus Group's Rootkit Attack Using BYOVD}}, date = {2022-09-22}, institution = {AhnLab}, url = {https://asec.ahnlab.com/wp-content/uploads/2022/09/Analysis-Report-on-Lazarus-Groups-Rootkit-Attack-Using-BYOVD_Sep-22-2022.pdf}, language = {English}, urldate = {2022-09-22} } Analysis Report on Lazarus Group's Rootkit Attack Using BYOVD
2022-08-18AhnLab
@online{ahnlab:20220818:rat:8957381, author = {AhnLab}, title = {{RAT tool disguised as a solution file (*.sln) on GitHub}}, date = {2022-08-18}, url = {https://asec.ahnlab.com/ko/37764/}, language = {English}, urldate = {2022-09-30} } RAT tool disguised as a solution file (*.sln) on GitHub
slnrat
2022-08-03AhnLabASEC Analysis Team
@online{team:20220803:gwisin:b89efa2, author = {ASEC Analysis Team}, title = {{Gwisin Ransomware Targeting Korean Companies}}, date = {2022-08-03}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/37483}, language = {English}, urldate = {2022-08-30} } Gwisin Ransomware Targeting Korean Companies
Gwisin
2022-07-28AhnLabASEC
@online{asec:20220728:attackers:666ffd0, author = {ASEC}, title = {{Attackers Profiting from Proxyware}}, date = {2022-07-28}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/37276/}, language = {English}, urldate = {2022-08-18} } Attackers Profiting from Proxyware
2022-06-28AhnLabASEC
@online{asec:20220628:new:df3f9bf, author = {ASEC}, title = {{New Info-stealer Disguised as Crack Being Distributed}}, date = {2022-06-28}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/35981/}, language = {English}, urldate = {2022-06-30} } New Info-stealer Disguised as Crack Being Distributed
ClipBanker CryptBot Raccoon RedLine Stealer
2022-06-24AhnLabASEC
@online{asec:20220624:lockbit:a98a9bb, author = {ASEC}, title = {{LockBit Ransomware Disguised as Copyright Claim E-mail Being Distributed}}, date = {2022-06-24}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/35822/}, language = {English}, urldate = {2022-06-27} } LockBit Ransomware Disguised as Copyright Claim E-mail Being Distributed
LockBit
2022-05-20AhnLabASEC
@online{asec:20220520:why:c6efba7, author = {ASEC}, title = {{Why Remediation Alone Is Not Enough When Infected by Malware}}, date = {2022-05-20}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/34549/}, language = {English}, urldate = {2022-05-24} } Why Remediation Alone Is Not Enough When Infected by Malware
Cobalt Strike DarkSide
2022-05-03AhnLabASEC
@online{asec:20220503:backdoors:43e357a, author = {ASEC}, title = {{Backdoors disguised as document editing and messenger programs (*.chm)}}, date = {2022-05-03}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/33948/}, language = {Korean}, urldate = {2022-05-05} } Backdoors disguised as document editing and messenger programs (*.chm)
2022-04-12AhnLabASEC Analysis Team
@online{team:20220412:systembc:7bdd20c, author = {ASEC Analysis Team}, title = {{SystemBC Being Used by Various Attackers}}, date = {2022-04-12}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/33600/}, language = {English}, urldate = {2022-04-15} } SystemBC Being Used by Various Attackers
Emotet SmokeLoader SystemBC
2022-04-05AhnLabASEC Analysis Team
@online{team:20220405:malicious:ecf993a, author = {ASEC Analysis Team}, title = {{Malicious Word Documents Using MS Media Player (Impersonating AhnLab)}}, date = {2022-04-05}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/33477/}, language = {English}, urldate = {2022-04-15} } Malicious Word Documents Using MS Media Player (Impersonating AhnLab)
2022-03-21AhnLabASEC Analysis Team
@online{team:20220321:bitrat:865b183, author = {ASEC Analysis Team}, title = {{BitRAT Disguised as Windows Product Key Verification Tool Being Distributed}}, date = {2022-03-21}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/32781/}, language = {English}, urldate = {2022-04-14} } BitRAT Disguised as Windows Product Key Verification Tool Being Distributed
BitRAT TinyNuke
2022-03-16AhnLabASEC Analysis Team
@online{team:20220316:gh0stcringe:65e2d3e, author = {ASEC Analysis Team}, title = {{Gh0stCringe RAT Being Distributed to Vulnerable Database Servers}}, date = {2022-03-16}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/32572/}, language = {English}, urldate = {2022-04-14} } Gh0stCringe RAT Being Distributed to Vulnerable Database Servers
Ghost RAT Kingminer
2022-02-28AhnLabASEC Analysis Team
@online{team:20220228:coinminer:32d7604, author = {ASEC Analysis Team}, title = {{CoinMiner Being Distributed to Vulnerable MS-SQL Servers}}, date = {2022-02-28}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/32143/}, language = {English}, urldate = {2022-03-02} } CoinMiner Being Distributed to Vulnerable MS-SQL Servers
2022-02-28AhnLabASEC Analysis Team
@online{team:20220228:change:c9b5e5c, author = {ASEC Analysis Team}, title = {{Change in Distribution Method of Malware Disguised as Estimate (VBS Script)}}, date = {2022-02-28}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/32149/}, language = {English}, urldate = {2022-03-02} } Change in Distribution Method of Malware Disguised as Estimate (VBS Script)
Formbook