Korean MalDoc Drops Evil New Years Presents

February 23, 2017 by Warren Mercer and Paul Rascagneres.


Talos has investigated a targeted malware campaign against South Korean users. The campaign was active between November 2016 and January 2017, targeting a limited number of people. The infection vector is a Hangul Word Processor document (HWP), a popular alternative to Microsoft Office for South Korean users developed by Hancom.

The malicious document in question is written in Korean with the following title:

5170101-17년_북한_신년사_분석.hwp (translation: 5170101-17 __ North Korea _ New Year _ analysis .hwp) 

This document was alleged to be written by the Korean Ministry of Unification and included their logo as a footer on the document.


Full Article

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico