« Reports in 2023 »

627 reports

2023-07-28 • Hauri

Hauri analyzed malware disguised as a KISA-Security-Upgrade executable that unpacked embedded archives and dropped additional malicious files. The initial executable posed as a Korean security-upgrade file to induce user execution, wrote data under a temp…

2023-07-27 • Ahnlab

AhnLab ASEC detailed a CHM malware wave impersonating Korean financial institutions and insurance companies, timed around regular payment-statement schedules to increase the chance of execution. The CHM ran through hh.exe, decompiled content into C:\Users…

#CHM
2023-07-27 • Kaspersky

Kaspersky's Q2 2023 APT trends report says the MATA cluster, previously attributed to Lazarus, targeted defense contractors in Eastern Europe from September 2022 through March 2023. The campaign used spear-phishing and multi-stage validators, abused secur…

#Trend #Bluenoroff
2023-07-26 • Rekt

REKT reported that AlphaPo, a crypto payments processor used by gambling platforms, lost about $60 million across Ethereum, Tron and Bitcoin after its hot wallet began draining over a weekend. The source says ZachXBT and MistTrack linked the on-chain move…

#Cryptocurrency #Alphapo
2023-07-25 • SOCRadar

SOCRadar profiles Kimsuky, also tracked as APT43, as a North Korean cyber-espionage group focused on sensitive information from South Korea, the United States, and Europe. The source describes spearphishing emails with malicious attachments or links, Hang…

#Kimsuky