Lately, attacks on South Korean web servers utilizing MeshAgent and SuperShell have been identified. The presence of ELF-based malware at the malicious code distribution address suggests that the attackers are targeting not only Windows servers but also Linux servers. It is assumed that the attackers installed a web shell using a file upload vulnerability and […]| ASEC
AhnLab Security intelligence Center (ASEC) has recently discovered the distribution of backdoor malware via aNotepad, a free online notepad platform. Said malware supports both the PE format that targets the Windows system and the ELF format that targets the Linux system. As the threat actor used the string ‘WingOfGod’ during the development of the malware, […]| ASEC