Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: south korea

3 attack reports | 0 vulnerabilities

Attack reports

New Android Spyware Campaign Targets South Koreans via AWS

A sophisticated Android spyware campaign targeting South Koreans has been uncovered by Cyble Research and Intelligence Labs. Active since June 2024, the malware exploits an Amazon AWS S3 bucket as its Command and Control server to exfiltrate sensitive personal data including SMS messages, contacts,…

android
spyware
south korea
cloud security
data exfiltration
aws
mobile malware
2024-10-01
stealth techniques
Published: October 1, 2024

Downloadable IOCs 7

Private HTS Program Continuously Used in Attacks

This report outlines a continuous campaign where a threat actor distributes malware, including Quasar RAT, through a private home trading system (HTS) named HPlus. The malware is initially delivered via an MSI installer, and users who request remote assistance inadvertently execute the AnyDesk soft…

south korea
quasar rat
2024-07-17
Published: July 17, 2024

Downloadable IOCs 1

SecretCalls: A Formidable App of Notorious Korean Financial Fraudster

Voice phishing groups in South Korea build phishing pages and apps like SecretCalls to trick victims into installing malware and accessing phishing sites for financial fraud. Detailed analysis of SecretCalls Loader reveals anti-analysis techniques like DEX encryption, emulator detection, and instal…

android
2024-05-03
south korea
financial fraud
secretcalls
voice phishing
Published: May 3, 2024

Downloadable IOCs 23

» Click here to see all Attack Reports «