silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,176
An ongoing malware distribution campaign targeting South Korea is disguising RATs (remote access trojans) as an adult game shared via webhards and torrents.
The attackers are using easily obtainable malware such as njRAT and UDP RAT, wrap them in a package that appears like a game or other program, and then upload them on webhards.
WebHard is a popular online storage service in Korea, preferred mainly for the convenience of direct downloads.
Users end up at webhards through Discord or social media posts, but popular storage repositories enjoy a steady stream of daily visitors due to the content that is shared.
As reported by analysts at ASEC, threat actors are now using webhards to distribute a UDP RAT that is disguised as ZIP file containing an adult game.
When extracted, the archive contains a 'game.exe' launcher, which is actually the UDP rate malware.
RAT malware spreading in Korea through webhards and torrents
An ongoing malware distribution campaign targeting South Korea is disguising RATs (remote access trojans) as an adult game shared via webhards and torrents.
www.bleepingcomputer.com