- AhnLab Security Intelligence Center (ASEC) has previously warned about the dangers of malicious code disguised as crack programs, such as XMRig and OurcusRAT.
- These malicious codes disguised as crack programs are often distributed through web hard drives, blogs, and torrents, leading to multiple system infections.
- The attackers continuously manage the infected systems by regularly updating the malware.
- In this particular case, the attackers install different malicious codes depending on the presence of V3 software, and they maintain persistence by updating the malware through task scheduler registration.
https://asec.ahnlab.com/ko/67917/