CHM Malware Disguised as Security Email from a Korean Financial Company: Redeyes (Scarcruft)
Malware Analysis, News and Indicators - Latest topics malware.news
The ASEC (AhnLab Security Emergency response Center) analysis team has discovered that the CHM malware, which is assumed to have been created by the RedEyes threat group (also known as APT37, ScarCruft), is being distributed to Korean users. The team has confirmed that the command used in the “2.3. Persistence” stage of the RedEyes group’s M2RAT malware attack, which was reported back in February, has the same format as the command used in this attack. This information, as well as …