all InfoSec news
Distribution of VenomRAT (AsyncRAT) Impersonating Korean IT Companies
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab SEcurity intelligence Center (ASEC) found a shortcut file (.lnk) that downloads AsyncRAT (VenomRAT). In order for the LNK file to disguise itself as a normal Word file, it was distributed with the name ‘Survey.docx.lnk’ inside a compressed file which also contained a normal text file. Above all, users need to remain vigilant, as the executable file (blues.exe) used in the attack is disguised as a Korean company’s certificate.
The overall operation process of the malware is as shown below. …
ahnlab asec asyncrat center companies distributed distribution docx downloads file found impersonating intelligence lnk lnk file malware analysis name normal order security security intelligence survey text venomrat word