A few weeks ago, we have been alerted by our colleagues from Korea to a specially crafted Hangul Word Processor document (.hwp) that exploits an application vulnerability in the Hancom Office word processing software. The file extension .HWP is a popular Korean word processor file format – just the right format for targeting Korean prospective…
Read MoreRoland Dela Paz
Threat Researcher
Targeted Attack Uses Recent Adobe Flash Player Vulnerability (CVE-2012-0779) Reports of a targeted attack surfaced recently. One such attack arrives as an email message that trick users into executing a malicious attachment. The malicious attachment, as expected, is a file that exploits CVE-2012-0779, found in several versions of Adobe Flash Player. Exploitation results to a…
Read MoreIn our previous blog, we focused on the emergence of hybridized malware, in which malware arrives already infected by a file infector. In effect, there are two different malware families that will run on the infected system. In this scenario, attackers are able to maximize system compromise by deploying two different payloads in one execution,…
Read MoreDutch users were recently targeted in a website compromise that involved a popular news site in the Netherlands, nu.nl. The site was compromised and modified to load a malicious iframe that resulted to visitors’ systems being infected with a SINOWAL variant. Trend Micro researcher Feike Hacquebord says that considering the different characteristics of this attack,…
Read MoreRansomware attacks are growing in popularity these days. French users were a recent target of an attack that impersonated the Gendarmerie nationale. A few months ago, Japanese users were also hit by ransomware in a one-click billing fraud scheme targeted for Android smartphones. Last year we documented two ransomware campaigns that targeted Russian users. One attack…
Read More