- AhnLab Security Intelligence Center (ASEC) has been continuously introducing ransomware and info-stealer malware that utilize copyright infringement warning/resume disguise content.
- Recently, a new distribution of malware has been confirmed based on warnings about copyright infringement.
- The email body content is not significantly different from before, but a change in the method of delivering the malware has been observed.
- Previously, a password-protected compressed file was attached to the email, but now a method of inducing downloads by including an external link in the email has been adopted.
- Clicking on the hyperlink “Check copyright violation content” in the email body downloads the compressed file.
- The compressed file does not have a separate password, but it is the initial download for the compressed file.
https://asec.ahnlab.com/ko/64656/