AhnLab (CEO Seok-gyun Kang) recently discovered a malicious document file (see supplementary materials) disguised as the ‘Consent Form for Collection and Use of Personal Information Related to Application for COVID-19 Emergency Disaster Relief Fund (hereinafter referred to as Personal Information Consent Form for Disaster Relief Fund Application)’ and urged users to be cautious.
The malicious document disguised as the ‘Disaster Relief Fund Application Personal Information Consent Form’ discovered by AhnLab was altered by an attacker inserting a malicious script into a normal format document (.hwp).
If a user runs this malicious Hangul document file using a Hangul program that does not have the latest security patch, the malicious script in the document automatically runs without the user’s knowledge and the user’s PC is infected with malware. Because personal information consent items for applying for disaster relief funds appear on the user screen, it is difficult for users to notice that they are infected with malicious code.
After infection, the malware was analyzed to attempt to download additional malware by accessing a malicious URL. Malicious scripts do not run in Hangul programs that have the latest security patches applied. Additionally, V3 malicious document files are currently diagnosed and blocked from execution.
To prevent damage, ▲Apply the latest security patches for programs such as office SW, OS (operating system), and Internet browser (IE, Chrome, Firefox, etc.) ▲Use the official download path when downloading files on the Internet ▲Prohibit running files from unknown sources ▲Update on anti-virus software Security rules must be followed, such as maintaining versions and implementing real-time monitoring functions.
“Attackers use the latest social issues to spread malware,” said Choi Yu-rim, a senior researcher on the AhnLab analysis team. “Users should not blindly run document files from unknown or suspicious sources and should always maintain security, such as immediately applying security patches.” “We must practice the rules,” he said.
Source: Pangyo Techno Valley Official Newsroom
→ Go to ‘Asia Innovation Hub Pangyo Techno Valley 2021’ news