CHM Malware Stealing User Information Being Distributed in Korea - ASEC BLOG
asec.ahnlab.com
AhnLab SEcurity intelligence Center (ASEC) has recently discovered circumstances of a CHM malware strain that steals user information being distributed to Korean users. The distributed CHM is a type that has been constantly distributed in various formats such as LNK, DOC, and OneNote from the past. A slight change to the operation process was observed in the recent samples. The overall execution flow is shown in Figure 1. The malware is a type that uses multiple scripts to ultimately send...