On the 5th, AhnLab discovered a case where malicious code was distributed by exploiting the recent social concern over the 'Fukushima contaminated water discharge' controversy and urged users to be cautious.
The attacker first distributed a Windows Help file (.chm) named 'project.chm'. It is presumed that emails containing information related to contaminated water treatment were used for distribution. If a user carelessly executes the file, an article containing the current status related to the 'Fukushima contaminated water discharge' and the 'No Japan' campaign appears.
Subsequently, a backdoor malware is installed on the user's system without their knowledge. After installation, this malware can perform various malicious activities such as file upload and download, information theft, and more on the infected PC according to the attacker's commands.
Currently, AhnLab V3 detects and blocks this malware. To prevent damage caused by malware, users should follow security guidelines such as ▲ not downloading or executing files from unknown sources ▲ applying the latest security patches to office software, OS (operating system), and internet browsers (Edge, Chrome, Firefox, etc.) ▲ keeping antivirus software up to date and running real-time monitoring features.
Ga-Young Lee, a senior researcher at AhnLab's analysis team, said, “Attackers actively use trending topics to induce users to execute malicious files by arousing their curiosity. Even if the content is attention-grabbing, do not save or execute files from unknown sources, and follow basic security rules such as keeping antivirus software updated.”
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
