Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-17AhnLabASEC
@online{asec:20230317:shellbot:93d3ae5, author = {ASEC}, title = {{ShellBot Malware Being Distributed to Linux SSH Servers}}, date = {2023-03-17}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/49769/}, language = {English}, urldate = {2023-03-20} } ShellBot Malware Being Distributed to Linux SSH Servers
PerlBot
2023-03-08AhnLabASEC
@online{asec:20230308:globeimposter:2a15455, author = {ASEC}, title = {{GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP}}, date = {2023-03-08}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/48940/}, language = {English}, urldate = {2023-03-20} } GlobeImposter Ransomware Being Distributed with MedusaLocker via RDP
GlobeImposter MedusaLocker
2023-03-08AhnLabYe Eun
@online{eun:20230308:chm:cb594f7, author = {Ye Eun}, title = {{CHM malware (Kimsuky) disguised questionnaires related to North Korea}}, date = {2023-03-08}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/48960/}, language = {Korean}, urldate = {2023-03-20} } CHM malware (Kimsuky) disguised questionnaires related to North Korea
2023-02-15AhnLabASEC
@online{asec:20230215:paradise:0db313d, author = {ASEC}, title = {{Paradise Ransomware Distributed Through AweSun Vulnerability Exploitation}}, date = {2023-02-15}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/47590/}, language = {English}, urldate = {2023-03-20} } Paradise Ransomware Distributed Through AweSun Vulnerability Exploitation
Paradise
2023-02-15AhnLabeastston
@online{eastston:20230215:distributed:52e6451, author = {eastston}, title = {{Distributed Malware Exploiting Vulnerable Innorix: Andariel}}, date = {2023-02-15}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/47751/}, language = {Korean}, urldate = {2023-02-21} } Distributed Malware Exploiting Vulnerable Innorix: Andariel
Andardoor
2023-02-14AhnLabmuhan
@online{muhan:20230214:hangeul:7b909eb, author = {muhan}, title = {{Hangeul (HWP) malware using steganography: RedEyes (ScarCruft)}}, date = {2023-02-14}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/47622/}, language = {Korean}, urldate = {2023-02-21} } Hangeul (HWP) malware using steganography: RedEyes (ScarCruft)
2023-02-06AhnLabASEC
@online{asec:20230206:sliver:4683d40, author = {ASEC}, title = {{Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations}}, date = {2023-02-06}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/47088/}, language = {English}, urldate = {2023-03-20} } Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations
Sliver
2023-01-13AhnLabASEC
@online{asec:20230113:orcus:49e1676, author = {ASEC}, title = {{Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack}}, date = {2023-01-13}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/45462/}, language = {English}, urldate = {2023-03-20} } Orcus RAT Being Distributed Disguised as a Hangul Word Processor Crack
Orcus RAT
2023-01-06AhnLabASEC
@online{asec:20230106:distribution:dd88acd, author = {ASEC}, title = {{Distribution of NetSupport RAT Malware Disguised as a Pokemon Game}}, date = {2023-01-06}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/45312/}, language = {English}, urldate = {2023-03-20} } Distribution of NetSupport RAT Malware Disguised as a Pokemon Game
NetSupportManager RAT
2022-12-22ASECAhnLab
@online{ahnlab:20221222:qakbot:9e92461, author = {AhnLab}, title = {{Qakbot Being Distributed via Virtual Disk Files (*.vhd)}}, date = {2022-12-22}, organization = {ASEC}, url = {https://asec.ahnlab.com/en/44662/}, language = {English}, urldate = {2022-12-24} } Qakbot Being Distributed via Virtual Disk Files (*.vhd)
QakBot
2022-12-22AhnLabSanseo
@online{sanseo:20221222:nitol:ad67d69, author = {Sanseo}, title = {{Nitol DDoS Malware Installing Amadey Bot}}, date = {2022-12-22}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/44504/}, language = {English}, urldate = {2023-03-20} } Nitol DDoS Malware Installing Amadey Bot
Amadey Nitol
2022-11-11AhnLabASEC
@online{asec:20221111:magniber:7426c1e, author = {ASEC}, title = {{Magniber Ransomware Attempts to Bypass MOTW (Mark of the Web)}}, date = {2022-11-11}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41889/}, language = {English}, urldate = {2022-11-15} } Magniber Ransomware Attempts to Bypass MOTW (Mark of the Web)
Magniber
2022-11-10AhnLabASEC
@online{asec:20221110:penetration:d92badf, author = {ASEC}, title = {{Penetration and Distribution Method of Gwisin Attacker}}, date = {2022-11-10}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41565/}, language = {English}, urldate = {2022-11-11} } Penetration and Distribution Method of Gwisin Attacker
Gwisin
2022-11-08AhnLabASEC
@online{asec:20221108:lockbit:6acb17e, author = {ASEC}, title = {{LockBit 3.0 Being Distributed via Amadey Bot}}, date = {2022-11-08}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/41450/}, language = {English}, urldate = {2022-11-09} } LockBit 3.0 Being Distributed via Amadey Bot
Amadey Gandcrab LockBit
2022-10-24AhnLabASEC Analysis Team
@online{team:20221024:malware:495a611, author = {ASEC Analysis Team}, title = {{Malware infection case of Lazarus attack group that neutralizes antivirus program with BYOVD technique}}, date = {2022-10-24}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/40495/}, language = {Korean}, urldate = {2022-10-25} } Malware infection case of Lazarus attack group that neutralizes antivirus program with BYOVD technique
LazarDoor
2022-10-12AhnLabASEC Analysis Team
@online{team:20221012:lazarus:871078f, author = {ASEC Analysis Team}, title = {{Lazarus Group Uses the DLL Side-Loading Technique (mi.dll)}}, date = {2022-10-12}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/39828/}, language = {Korean}, urldate = {2022-10-14} } Lazarus Group Uses the DLL Side-Loading Technique (mi.dll)
2022-10-11AhnLabASEC Analysis Team
@online{team:20221011:from:a35b468, author = {ASEC Analysis Team}, title = {{From Exchange Server vulnerability to ransomware infection in just 7 days}}, date = {2022-10-11}, organization = {AhnLab}, url = {https://asec.ahnlab.com/ko/39682/}, language = {Korean}, urldate = {2022-10-11} } From Exchange Server vulnerability to ransomware infection in just 7 days
LockBit MimiKatz
2022-09-23AhnLabASEC
@online{asec:20220923:fargo:35c7da4, author = {ASEC}, title = {{FARGO Ransomware (Mallox) Being Distributed to Unsecured MS-SQL Servers}}, date = {2022-09-23}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/39152/}, language = {English}, urldate = {2022-12-14} } FARGO Ransomware (Mallox) Being Distributed to Unsecured MS-SQL Servers
TargetCompany
2022-09-22AhnLabAhnLab ASEC Analysis Team
@techreport{team:20220922:analysis:9dea34b, author = {AhnLab ASEC Analysis Team}, title = {{Analysis Report on Lazarus Group's Rootkit Attack Using BYOVD}}, date = {2022-09-22}, institution = {AhnLab}, url = {https://asec.ahnlab.com/wp-content/uploads/2022/09/Analysis-Report-on-Lazarus-Groups-Rootkit-Attack-Using-BYOVD_Sep-22-2022.pdf}, language = {English}, urldate = {2022-12-29} } Analysis Report on Lazarus Group's Rootkit Attack Using BYOVD
FudModule
2022-08-18AhnLab
@online{ahnlab:20220818:rat:8957381, author = {AhnLab}, title = {{RAT tool disguised as a solution file (*.sln) on GitHub}}, date = {2022-08-18}, url = {https://asec.ahnlab.com/ko/37764/}, language = {English}, urldate = {2022-09-30} } RAT tool disguised as a solution file (*.sln) on GitHub
slnrat