HWP Malware Using the Steganography Technique: RedEyes (ScarCruft)
Malware Analysis, News and Indicators - Latest topics malware.news
In January, the ASEC (AhnLab Security Emergency response Center) analysis team discovered that the RedEyes threat group (also known as APT37, ScarCruft) had been distributing malware by exploiting the HWP EPS (Encapsulated PostScript) vulnerability (CVE-2017-8291). This report will share the RedEyes group’s latest activity in Korea.
1. Overview
The RedEyes group is known for targeting specific individuals and not corporations, stealing not only personal PC information but also the mobile phone data of their targets. A distinct characteristic of the …