South Korea’s Ministry of National Defense said malware was distributed through an internet antivirus relay server after attackers exploited weaknesses in the military internet antivirus system. Investigators found the same malware on some defense-network…
2016
31 reports
South Korean reporting summarized a compromise affecting military-related systems after the Cyber Command and National Intelligence Service investigated whether other defense and foreign-security agencies were impacted. The excerpt says some military mate…
NixTech issued security updates for SafePC after a vulnerability allowed abuse of its file distribution feature for malware delivery and remote code execution. Affected products include SafePC Enterprise 3.5, 4.0, and 5.0, SafePrivacy 4.0 and 5.0, and Saf…
malwares.com analyzed malicious Hangul Word Processor documents that exploited a vulnerability rather than relying on macros, allowing code execution when the document was opened in affected HWP versions. The embedded BinData area contained shellcode obfu…
A South Korean public-private investigation attributed the Interpark customer-data breach and extortion case to North Korea's Reconnaissance General Bureau, citing analysis of police-provided evidence and on-site investigation. The attacker initially infe…
360’s report links the 2016 Bangladesh Central Bank theft and the attempted attacks on Vietnam’s Tien Phong Bank and other banks through shared focus on SWIFT operations and malware code commonality. The Bangladesh case involved fraudulent SWIFT transfer …
The 360 analysis links the 2016 Bangladesh Bank SWIFT theft, the 2015 Tien Phong Bank incident, and earlier Ecuadorian and Sonali Bank cases through a shared pattern of obtaining SWIFT authority, issuing fraudulent transfer instructions, and manipulating …
A Korean shopping mall incident involved a suspected APT malware sample named “OurFamily.abcd.scr” that was reportedly distributed as an email attachment and disguised as a Windows screensaver file. When executed, the SCR dropper created msoia.exe under a…
South Korean prosecutors reported a spear-phishing operation assessed as likely run by a North Korean hacking organization between January and June 2016. The attackers created 27 phishing sites impersonating Google, Naver, Daum, Microsoft, QQ, government …
South Korean police and a joint government investigation team assessed the Interpark customer-data theft and extortion case as the work of North Korea's Reconnaissance General Bureau. Their attribution cited relay IPs used to send hacking emails or receiv…
Hauri analyzed malware used in the Interpark breach, where a shopping mall employee's PC was compromised through an email attachment sent under the guise of an acquaintance. The sample attempted to hide infection by launching a legitimate screensaver file…
South Korean police attributed a February compromise of domestic conglomerate networks to North Korea, reporting that more than 130,000 computers were infected with the “Ghost Rat” malware. TachyonLab analyzed a sample named zegost.exe, describing it as a…
Kaspersky linked Operation Daybreak to ScarCruft based on shared infrastructure and targeting, describing targeted attacks against more than two dozen high-profile victims across Asia, Europe, the Middle East, and the United States. The campaign used a pr…
South Korea's National Police Agency attributed a long-running intrusion into two major conglomerates to North Korea, finding that attackers had abused an unauthenticated bypass flaw in an enterprise PC management product used across many organizations. I…
The provided excerpt is mostly IBM Security site navigation, product marketing, webinar listings, and podcast links rather than the body of the referenced SWIFT attack article. It does not include concrete details about the alleged SWIFT intrusion, victim…