AhnLab ASEC performed an analysis on IE vulnerability CVE-2018-8174 which is being widely used to distribute ransomware and Korean malware. This vulnerability is used to distribute Magniber ransomware as well, and users must apply security patch to prevent damage that can be done.
The office of Optimus Asset Management is shown in Seoul. (Yonhap) |
SEOUL, South Korea--(BUSINESS WIRE)--AhnLab, a leading provider of integrated security solutions, today unveiled its Top 10 Security Threats in the first half of 2011
Ahn Cheol-Soo, physician, educator, politician, and computer entrepreneur who founded AhnLab, Inc., South Korea’s largest Internet security firm. He later entered politics, establishing the People’s Party and staging several unsuccessful bids for the presidency. Learn more about his life and career. AhnLab V3 Endpoint Security is a comprehensive endpoint protection that allows businesses to protect important business assets with greater confidence and agility. AhnLab V3 Endpoint Security is one of the most cost-effective and user-friendly endpoint protection solutions available in the market.
“Threats to mobile and online security are constantly becoming more sophisticated,” said Mr. HongSun Kim, CEO of AhnLab. “Therefore, it is essential to remain alert and aware of growing online trends and threats in holistic viewpoint. AhnLab provides insight into the latest online threats so that all stakeholders can take measures for protection.”
Social Network Services as Malware Path
In its findings, AhnLab emphasizes that 2011 is the year of social networking services. These services are considered a useful and popular means to connect with networks and relay messages to broad audiences. In the same vein, these sites have proven beneficial to malware paths. More specifically, a trend whereby attackers distribute malware through dominant social networking sites, such as Twitter and Facebook, has become more prominent. Attackers tend to disseminate malware by using shorted URLs connected to popular issues such as the tsunami in Japan and Osama Bin Laden’s death.
Malicious Codes Hacking Corporations
Attacks aimed at corporations were also seen on the rise during the first half of 2011. These types of attacks are known as advanced persistent threats, or APT. APTs were observed in February of 2011 when oil and energy companies were targeted and attacked by the cyber threat, ‘Night Dragon.’ In April of this year there was a conflict between hacker groups including LulzSec and Anonymous, companies targeted included: Sony, Lockheed Martin, and even the FBI. The AhnLab also notes that attackers have recently tended to express their political and social opinions through their hacking, and this movement has been called ‘Hacktivism’.
Growing Menace to Online Banking
As the main objective of most malware attackers is in increasing profit, the rising risk to online banking. More specifically, AhnLab observed in the first half of 2011 an increase in the stealing of financial information. There were two developments with Trojan malware in the first half of the year: Banker Trojan and Zeus Trojan. In May, Banker Trojan malware, which is designed to export financial data during online banking, was identified in Korea. Additionally, the Zeus Trojan source code, the most severe online banking malware created, was leaked. With this leaked source code, attackers generated many Zeus variants.
Increased Mobile Malware
AhnLab also highlights an increase in the number and sophistication of mobile malware. In the first half of 2011, a premium rate calling Android malware was identified. More specifically, this malware sent SMS to other phone numbers. Besides, Zft, forced rooting tool, KidLogger that stealing call, text and internet history, DroidKungFu that remote controls the victimized cell phone are also found. AhnLab warns that the installed malware performs tasks given by the attackers, and attackers will continue to find more ways to infect mobile devices.
Fake Antiviruses Become Harder to Identify
Rounding up the ten greatest security threats, the AhnLab notes that fake antivirus software has become more difficult to identify. In January of 2011 ASEC reported the fake antivirus program disguising as the famous ‘AVG Anti-Virus 2011.’ In April, the fake antivirus program appearing as BitDefender 2011 was also identified. This fake antivirus has the same-looking user interface and logo. Like other antiviruses, once installed, the rogue BitDefender automatically scans the system and triggers false alerts claiming user PCs have security issues and infections that require removal.
Increased Number of Malicious Codes Patching Windows
In the first half of 2011, AhnLab observed an increase in the number of malicious codes patching windows system files. Malware that steals online game accounts by patching imm32.dll, ksuser.dll, midimap.dll and compres.dll files were identified. Some malicious codes deliver cyber attacks that bring forced closing of antivirus and/or Windows services by switching or deleting normal system files. In fact, these kinds of codes are designed to damage the operating system when detected and deleted by antivirus services.
Smarter Online Game Hacking
In the first half of 2011, game hacking has risen sharply and become more acute. In fact, as of June 2011, game hacking tools increased by 300 percent compared to the same period in 2010, from 1,068 to 4,050. Hacking tools for online games bring about unfair results by modifying user data in the memory, game file and server, and by also installing an auto play cheat. Data memory modification is becoming more popular over traditional code modification, and auto play cheating uses a specific action function as opposed to mouse and keyboard codes. AhnLab stipulates that 2,575 memory modification tools and 1,274 auto play tools were identified.
Increased Threat to Mac OS Users
Although Mac OS users have generally been considered relatively safer than Windows users, AhnLab found that Mac OS users are vulnerable to greater risks. AhnLab also notes that this trend is rising in conjunction with the increased number of Mac and iPhone users. In fact, in May of this year, the fake antivirus application, MAC defender, was spread throughout Twitter. Upon installation by Mac users, this application infected the system. The latest ASEC report warns that Mac users should be particularly careful not to open any links sent by unknown users.
Spam Mails with Malicious Codes
Spam mails with malicious codes were also on the rise in 2011, particularly in the second quarter. AhnLab observed the trend whereby mail disguises itself as either a Facebook password reset, or a FedEx or UPS invoice. AhnLab also notes a rise in malicious mails disguised as ‘credit card maxed out’ warnings, which direct victims to run corrupted files. In most cases, these malicious mails attempted to install fake antivirus programs.
Malicious Codes Spread Through Web Application Vulnerability
Malicious codes exploiting web application vulnerability were also a noted as a security in the ASEC Report. In the 1st quarter of 2011 the following vulnerabilities were exploited: MS11-003: Internet Explorer; MS11-006: Windows OS; CVE-2011-0609: Adobe Flash Player. In the 2nd quarter, CVE-2011-0609 was found again in PDF form, and another Adobe Flash Player vulnerability, CVE-2011-0611, was also found. In June, CVE-2011-2110 from Adobe and MS11-050 from MS were exploited for the diffusion of malware. AhnLab advises that all users update the latest patches for all software including Windows and Adobe, to prevent victimization.
For more information on the latest security threats through the first half of 2011, please visit (http://globalblog.ahnlab.com)
About AhnLab, Inc.
Headquartered in South-Korea, AhnLab Inc. (KSE: 053800) develops industry-leading security solutions and provides professional services that are designed to secure and protect critical business and personal information. As a leading innovator in the information security arena since 1988, AhnLab's cutting edge products and services have been fulfilling the stringent security requirements of both enterprises and individual users. AhnLab’s products and services include anti-virus solutions, network, mobile and online game security, security management and consulting services. Today, AhnLab boasts a network of sales and research operations in more than 20 countries worldwide.