Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-09-05AhnLabSanseo
@online{sanseo:20230905:blueshell:da706ff, author = {Sanseo}, title = {{BlueShell malware used in APT attacks targeting Korea and Thailand}}, date = {2023-09-05}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/56715/}, language = {Korean}, urldate = {2023-09-07} } BlueShell malware used in APT attacks targeting Korea and Thailand
BlueShell SparkRAT
2023-09-04AhnLabSanseo
@online{sanseo:20230904:chm:0194a5a, author = {Sanseo}, title = {{CHM Malware Using Fukushima Contaminated Water Discharge: RedEyes (ScarCruft)}}, date = {2023-09-04}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/56654/}, language = {English}, urldate = {2023-09-07} } CHM Malware Using Fukushima Contaminated Water Discharge: RedEyes (ScarCruft)
2023-09-01AhnLabYe Eun
@online{eun:20230901:malicious:612f451, author = {Ye Eun}, title = {{Malicious LNK that distributes backdoors: RedEyes (ScarCruft)}}, date = {2023-09-01}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/56526/}, language = {Korean}, urldate = {2023-09-07} } Malicious LNK that distributes backdoors: RedEyes (ScarCruft)
2023-08-31AhnLabSanseo
@online{sanseo:20230831:analysis:c771be9, author = {Sanseo}, title = {{Analysis of Andariel’s New Attack Activities}}, date = {2023-08-31}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/56405/}, language = {English}, urldate = {2023-09-01} } Analysis of Andariel’s New Attack Activities
Andardoor BlackRemote Tiger RAT Volgmer
2023-08-22AhnLabASEC Analysis Team
@online{team:20230822:analyzing:a2e958c, author = {ASEC Analysis Team}, title = {{Analyzing the new attack activity of the Andariel group}}, date = {2023-08-22}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/56256/}, language = {Korean}, urldate = {2023-08-28} } Analyzing the new attack activity of the Andariel group
Andardoor MimiKatz QuiteRAT Tiger RAT Volgmer
2023-08-10AhnLabAhnLab ASEC Analysis Team
@online{team:20230810:guloader:3b02e84, author = {AhnLab ASEC Analysis Team}, title = {{GuLoader Malware Disguised as Tax Invoices and Shipping Statements (Detected by MDS Products)}}, date = {2023-08-10}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/55978/}, language = {English}, urldate = {2023-08-15} } GuLoader Malware Disguised as Tax Invoices and Shipping Statements (Detected by MDS Products)
CloudEyE
2023-08-03AhnLabASEC
@online{asec:20230803:reptile:ee853ee, author = {ASEC}, title = {{Reptile Malware Targeting Linux Systems}}, date = {2023-08-03}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/55785/}, language = {English}, urldate = {2023-08-07} } Reptile Malware Targeting Linux Systems
Melofee reptile Winnti
2023-08-01AhnLabASEC
@online{asec:20230801:sliver:e32a5e1, author = {ASEC}, title = {{Sliver C2 Being Distributed Through Korean Program Development Company}}, date = {2023-08-01}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/55652/}, language = {English}, urldate = {2023-08-07} } Sliver C2 Being Distributed Through Korean Program Development Company
Sliver
2023-07-24AhnLabASEC
@online{asec:20230724:lazarus:63cd113, author = {ASEC}, title = {{Lazarus Threat Group Attacking Windows Servers to Use as Malware Distribution Points}}, date = {2023-07-24}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/55369/}, language = {English}, urldate = {2023-08-07} } Lazarus Threat Group Attacking Windows Servers to Use as Malware Distribution Points
2023-07-11AhnLabASEC
@online{asec:20230711:analysis:d4ec4ec, author = {ASEC}, title = {{Analysis of the Rekoobe Backdoor Being Used In Attacks Against Linux Systems in Korea}}, date = {2023-07-11}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/55229/}, language = {English}, urldate = {2023-08-07} } Analysis of the Rekoobe Backdoor Being Used In Attacks Against Linux Systems in Korea
Rekoobe
2023-07-03AhnLabASEC
@online{asec:20230703:crysis:3ffd122, author = {ASEC}, title = {{Crysis Threat Actor Installing Venus Ransomware Through RDP}}, date = {2023-07-03}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/54937/}, language = {English}, urldate = {2023-08-07} } Crysis Threat Actor Installing Venus Ransomware Through RDP
Dharma
2023-06-28AhnLabSanseo
@online{sanseo:20230628:kimsuky:342e1c2, author = {Sanseo}, title = {{Kimsuky Attack Group Abusing Chrome Remote Desktop}}, date = {2023-06-28}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/54804/}, language = {Korean}, urldate = {2023-07-16} } Kimsuky Attack Group Abusing Chrome Remote Desktop
Appleseed
2023-06-20AhnLabASEC
@online{asec:20230620:tsunami:bbf63b6, author = {ASEC}, title = {{Tsunami DDoS Malware Distributed to Linux SSH Servers}}, date = {2023-06-20}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/54647/}, language = {English}, urldate = {2023-08-07} } Tsunami DDoS Malware Distributed to Linux SSH Servers
PerlBot Tsunami
2023-06-08AhnLabASEC Analysis Team
@online{team:20230608:lazarus:e8fb47d, author = {ASEC Analysis Team}, title = {{Lazarus Group exploiting vulnerabilities in domestic financial security solutions}}, date = {2023-06-08}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/53832/}, language = {Korean}, urldate = {2023-06-12} } Lazarus Group exploiting vulnerabilities in domestic financial security solutions
LazarDoor LazarLoader
2023-05-23AhnLabASEC
@online{asec:20230523:darkcloud:cbd48ff, author = {ASEC}, title = {{DarkCloud Infostealer Being Distributed via Spam Emails}}, date = {2023-05-23}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/53128/}, language = {English}, urldate = {2023-08-07} } DarkCloud Infostealer Being Distributed via Spam Emails
DarkCloud Stealer
2023-05-22AhnLabASEC
@online{asec:20230522:kimsuky:6007eeb, author = {ASEC}, title = {{Kimsuky Group Using Meterpreter to Attack Web Servers}}, date = {2023-05-22}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/53046/}, language = {English}, urldate = {2023-08-07} } Kimsuky Group Using Meterpreter to Attack Web Servers
Kimsuky Meterpreter
2023-05-18AhnLabASEC
@online{asec:20230518:sparkrat:f283ffc, author = {ASEC}, title = {{SparkRAT Being Distributed Within a Korean VPN Installer}}, date = {2023-05-18}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/52899/}, language = {English}, urldate = {2023-08-07} } SparkRAT Being Distributed Within a Korean VPN Installer
SparkRAT
2023-05-15AhnLabAhnLab ASEC Analysis Team
@online{team:20230515:lokilocker:684344c, author = {AhnLab ASEC Analysis Team}, title = {{LokiLocker, a Ransomware Similar to BlackBit Being Distributed in Korea}}, date = {2023-05-15}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/52570/}, language = {English}, urldate = {2023-06-12} } LokiLocker, a Ransomware Similar to BlackBit Being Distributed in Korea
LokiLocker
2023-05-03AhnLabASEC
@online{asec:20230503:recordbreaker:402a5e6, author = {ASEC}, title = {{RecordBreaker Stealer Distributed via Hacked YouTube Accounts}}, date = {2023-05-03}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/52072/}, language = {English}, urldate = {2023-08-07} } RecordBreaker Stealer Distributed via Hacked YouTube Accounts
RecordBreaker
2023-04-26AhnLabbghjmun
@online{bghjmun:20230426:rokrat:e241546, author = {bghjmun}, title = {{RokRAT Malware Distributed Through LNK Files (*.lnk): RedEyes (ScarCruft)}}, date = {2023-04-26}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/51751/}, language = {English}, urldate = {2023-04-26} } RokRAT Malware Distributed Through LNK Files (*.lnk): RedEyes (ScarCruft)
RokRAT