AhnLab ASEC performed an analysis on IE vulnerability CVE-2018-8174 which is being widely used to distribute ransomware and Korean malware. This vulnerability is used to distribute Magniber ransomware as well, and users must apply security patch to prevent damage that can be done.
The office of Optimus Asset Management is shown in Seoul. (Yonhap) |
The list of investors for fraudulent hedge funds operated by South Korea’s Optimus Asset Management included leading food company Ottogi, which invested 15 billion won, and Kosdaq-listed antivirus software firm AhnLab, which invested 7 billion won, according to the local Korean Economic Daily.
The unlisted Hanwha General Chemical, Hanwha Group’s chemicals unit, made the biggest investment in the hedge fund of 50 billion won. The company, however, saw no loss in the investment, as it redeemed all the capital in September last year, an official said.
Convenience store chain BGF Retail also put in 10 billion won, while LS Electric and game company Nexon invested 5 billion won and 3 billion won, respectively.
The list also included JYP Entertainment and LS Electric affiliate LS Metal, respectively investing 4 billion won and 5 billion won, with each losing some 30 percent of their investment.
HDC and Hanil Cement also put billions of won into the funds, it added.
Besides local firms, private universities such as Sungkyunkwan University, Hannam University and Konkuk University each invested some 4 billion won. Public institutions such as the Korea Racing Authority, Korea Communications Agency and Korea Rural Community Corp. also made large investments into the fraudulent funds.
Meanwhile, Optimus Asset sold over 1.5 trillion won of their funds to over 3,000 retail investors and companies through large brokerages and banks for three years, from June 2017 to May this year.
By Jie Ye-eun (yeeun@heraldcorp.com)
SEOUL, South Korea--(BUSINESS WIRE)--AhnLab, a leading provider of integrated security solutions, today unveiled its Top 10 Security Threats in the first half of 2011
Ahn Cheol-Soo, physician, educator, politician, and computer entrepreneur who founded AhnLab, Inc., South Korea’s largest Internet security firm. He later entered politics, establishing the People’s Party and staging several unsuccessful bids for the presidency. Learn more about his life and career. AhnLab V3 Endpoint Security is a comprehensive endpoint protection that allows businesses to protect important business assets with greater confidence and agility. AhnLab V3 Endpoint Security is one of the most cost-effective and user-friendly endpoint protection solutions available in the market.
“Threats to mobile and online security are constantly becoming more sophisticated,” said Mr. HongSun Kim, CEO of AhnLab. “Therefore, it is essential to remain alert and aware of growing online trends and threats in holistic viewpoint. AhnLab provides insight into the latest online threats so that all stakeholders can take measures for protection.”
Social Network Services as Malware Path
In its findings, AhnLab emphasizes that 2011 is the year of social networking services. These services are considered a useful and popular means to connect with networks and relay messages to broad audiences. In the same vein, these sites have proven beneficial to malware paths. More specifically, a trend whereby attackers distribute malware through dominant social networking sites, such as Twitter and Facebook, has become more prominent. Attackers tend to disseminate malware by using shorted URLs connected to popular issues such as the tsunami in Japan and Osama Bin Laden’s death.
Malicious Codes Hacking Corporations
Attacks aimed at corporations were also seen on the rise during the first half of 2011. These types of attacks are known as advanced persistent threats, or APT. APTs were observed in February of 2011 when oil and energy companies were targeted and attacked by the cyber threat, ‘Night Dragon.’ In April of this year there was a conflict between hacker groups including LulzSec and Anonymous, companies targeted included: Sony, Lockheed Martin, and even the FBI. The AhnLab also notes that attackers have recently tended to express their political and social opinions through their hacking, and this movement has been called ‘Hacktivism’.
Growing Menace to Online Banking
As the main objective of most malware attackers is in increasing profit, the rising risk to online banking. More specifically, AhnLab observed in the first half of 2011 an increase in the stealing of financial information. There were two developments with Trojan malware in the first half of the year: Banker Trojan and Zeus Trojan. In May, Banker Trojan malware, which is designed to export financial data during online banking, was identified in Korea. Additionally, the Zeus Trojan source code, the most severe online banking malware created, was leaked. With this leaked source code, attackers generated many Zeus variants.
Ahnlab South Korea
Increased Mobile Malware
AhnLab also highlights an increase in the number and sophistication of mobile malware. In the first half of 2011, a premium rate calling Android malware was identified. More specifically, this malware sent SMS to other phone numbers. Besides, Zft, forced rooting tool, KidLogger that stealing call, text and internet history, DroidKungFu that remote controls the victimized cell phone are also found. AhnLab warns that the installed malware performs tasks given by the attackers, and attackers will continue to find more ways to infect mobile devices.
Fake Antiviruses Become Harder to Identify
Rounding up the ten greatest security threats, the AhnLab notes that fake antivirus software has become more difficult to identify. In January of 2011 ASEC reported the fake antivirus program disguising as the famous ‘AVG Anti-Virus 2011.’ In April, the fake antivirus program appearing as BitDefender 2011 was also identified. This fake antivirus has the same-looking user interface and logo. Like other antiviruses, once installed, the rogue BitDefender automatically scans the system and triggers false alerts claiming user PCs have security issues and infections that require removal.
Increased Number of Malicious Codes Patching Windows
In the first half of 2011, AhnLab observed an increase in the number of malicious codes patching windows system files. Malware that steals online game accounts by patching imm32.dll, ksuser.dll, midimap.dll and compres.dll files were identified. Some malicious codes deliver cyber attacks that bring forced closing of antivirus and/or Windows services by switching or deleting normal system files. In fact, these kinds of codes are designed to damage the operating system when detected and deleted by antivirus services.
Smarter Online Game Hacking
In the first half of 2011, game hacking has risen sharply and become more acute. In fact, as of June 2011, game hacking tools increased by 300 percent compared to the same period in 2010, from 1,068 to 4,050. Hacking tools for online games bring about unfair results by modifying user data in the memory, game file and server, and by also installing an auto play cheat. Data memory modification is becoming more popular over traditional code modification, and auto play cheating uses a specific action function as opposed to mouse and keyboard codes. AhnLab stipulates that 2,575 memory modification tools and 1,274 auto play tools were identified.
Ahnlab Korea
Increased Threat to Mac OS Users
Although Mac OS users have generally been considered relatively safer than Windows users, AhnLab found that Mac OS users are vulnerable to greater risks. AhnLab also notes that this trend is rising in conjunction with the increased number of Mac and iPhone users. In fact, in May of this year, the fake antivirus application, MAC defender, was spread throughout Twitter. Upon installation by Mac users, this application infected the system. The latest ASEC report warns that Mac users should be particularly careful not to open any links sent by unknown users.
Ahnlab Korea
Spam Mails with Malicious Codes
Spam mails with malicious codes were also on the rise in 2011, particularly in the second quarter. AhnLab observed the trend whereby mail disguises itself as either a Facebook password reset, or a FedEx or UPS invoice. AhnLab also notes a rise in malicious mails disguised as ‘credit card maxed out’ warnings, which direct victims to run corrupted files. In most cases, these malicious mails attempted to install fake antivirus programs.
Malicious Codes Spread Through Web Application Vulnerability
Malicious codes exploiting web application vulnerability were also a noted as a security in the ASEC Report. In the 1st quarter of 2011 the following vulnerabilities were exploited: MS11-003: Internet Explorer; MS11-006: Windows OS; CVE-2011-0609: Adobe Flash Player. In the 2nd quarter, CVE-2011-0609 was found again in PDF form, and another Adobe Flash Player vulnerability, CVE-2011-0611, was also found. In June, CVE-2011-2110 from Adobe and MS11-050 from MS were exploited for the diffusion of malware. AhnLab advises that all users update the latest patches for all software including Windows and Adobe, to prevent victimization.
For more information on the latest security threats through the first half of 2011, please visit (http://globalblog.ahnlab.com)
About AhnLab, Inc.
Headquartered in South-Korea, AhnLab Inc. (KSE: 053800) develops industry-leading security solutions and provides professional services that are designed to secure and protect critical business and personal information. As a leading innovator in the information security arena since 1988, AhnLab's cutting edge products and services have been fulfilling the stringent security requirements of both enterprises and individual users. AhnLab’s products and services include anti-virus solutions, network, mobile and online game security, security management and consulting services. Today, AhnLab boasts a network of sales and research operations in more than 20 countries worldwide.