DDoS IRC Bot Malware Spreading Through Korean WebHard Platforms

[silversurfer]

Content source

https://thehackernews.com/2022/01/ddos-irc-bot-malware-spreading-through.html

An IRC (Internet Relay Chat) bot strain programmed in GoLang is being used to launch distributed denial-of-service (DDoS) attacks targeting users in Korea.
"The malware is being distributed under the guise of adult games," researchers from AhnLab's Security Emergency-response Center (ASEC) said in a new report published on Wednesday. "Additionally, the DDoS malware was installed via downloader and UDP RAT was used."
The attack works by uploading the malware-laced games to webhards, which refers to a web hard drive or a remote file hosting service, in the form of compressed ZIP archives that, when opened, includes an executable ("Game_Open.exe") that's orchestrated to run a malware payload aside from launching the actual game.

"The malware is being distributed actively via file sharing websites such as Korean webhards," AhnLab said. "As such, caution is advised when approaching executables downloaded from a file-sharing website. It is recommend[ed] for the users to download products from the official websites of developers."

DDoS IRC Bot Malware Spreading Through Korean WebHard Platforms

A malware distribution campaign is spreading DDoS IRC bot disguised as adult games through Korean WebHard platforms.

thehackernews.com