all InfoSec news
Case of Malware Distribution Linking to Illegal Gambling Website Targeting Korean Web Server
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab SEcurity intelligence Center (ASEC) has discovered evidence of a malware strain being distributed to web servers in South Korea, leading users to an illegal gambling site. After initially infiltrating a poorly managed Windows Internet Information Services (IIS) web server in Korea, the threat actor installed the Meterpreter backdoor, a port forwarding tool, and an IIS module malware tool. They then used ProcDump to exfiltrate account credentials from the server. IIS modules support expansion features of web servers such as …
actor ahnlab asec case center distributed distribution evidence gambling iis illegal information intelligence internet internet information services korea malware malware analysis malware distribution managed security security intelligence server servers services south south korea targeting threat threat actor web web server web servers website windows