RokRAT Malware Distributed Through LNK Files (*.lnk): RedEyes (ScarCruft)
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab Security Emergency response Center (ASEC) confirmed that the RedEyes threat group (also known as APT37, ScarCruft), which distributed CHM malware disguised as a security email from a Korean financial company last month, has also recently distributed the RokRAT malware through LNK files.
RokRAT is malware capable of collecting user credentials and downloading additional malware. It was previously distributed through HWP and Word files. The LNK files that were discovered this time contain PowerShell commands that can perform …