ESTsecurity: surge in hacking attacks exploiting anxiety, such as 'police station summons for violating quarantine rules'


2022. 4. 8.


Attendance request forms, complaints, and Bitcoin transaction information continue to emerge as lures in threats that prey on users' anxiety


Security specialist ESTsecurity (CEO Jung Jin-il) announced on the 7th that hacking emails exploiting various social concerns and anxieties are being mass-distributed in South Korea, and warned that users need to pay special attention.

The ESTsecurity Security Response Center (hereinafter ESRC) has confirmed that since March 25th, hacking emails carrying malicious Word (DOC) attachments have been mass-distributed in Korea. The attachments use titles such as 'COVID-19 quarantine rule violation investigation notification' and 'Emergency disaster relief fund application form', chosen to trigger users' interest and anxiety.

This attack has been identified as an extension of the attack revealed by ESRC on March 25th, which impersonated the 'Korea Internet & Security Agency (KISA)'. The Word files attached to the emails contained malicious macro commands of the kind commonly used in this type of attack.

The attackers induce recipients to activate the malicious macro by pressing the [Enable Content] button. Once the button is pressed, the actual document content is displayed, which keeps the threat hidden from the user as far as possible. Some attacks, however, use a simpler deception: they show broken phrases so that the document content appears to be damaged.

If the malicious macro is allowed to run, it communicates with the command and control (C2) server designated by the attacker, and additional malicious files are installed without the user's knowledge. In addition, information such as ▲ user names, ▲ types of antivirus programs, ▲ types of operating systems, and ▲ system version information is covertly collected, and an attempt is made to leak it.

This initial leaked information gives the attacker what is needed to stage follow-up attacks, so it is crucial to always pay special attention when checking emails, and, for security reasons, not to press the [Enable Content] button in Word or Excel documents.
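A mail-side check can remove the decision from the recipient by flagging attachments that carry a VBA project before delivery. The sketch below is an added example, not ESTsecurity's code: it is a byte-level heuristic using only the Python standard library, and the function names, sample addresses and attachment filenames are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls container
ZIP_MAGIC = b"PK\x03\x04"                      # OOXML (.docx/.docm) container
# OLE stream names are stored as UTF-16LE; a VBA project adds these streams.
VBA_MARKERS = [s.encode("utf-16-le") for s in ("_VBA_PROJECT", "PROJECTwm")]


def has_vba(data: bytes) -> bool:
    """Heuristic: True if an Office file appears to carry a VBA project."""
    if data.startswith(OLE_MAGIC):
        return any(marker in data for marker in VBA_MARKERS)
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as archive:
                names = archive.namelist()
        except zipfile.BadZipFile:
            return False  # not a readable archive; leave it to other controls
        return any(n.lower().endswith("vbaproject.bin") for n in names)
    return False


def macro_attachments(raw_eml: bytes) -> list[str]:
    """Return the filenames of attachments that contain VBA macros."""
    msg = message_from_bytes(raw_eml, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        if has_vba(payload):
            flagged.append(part.get_filename() or "(unnamed)")
    return flagged


def build_sample() -> bytes:
    """Constructed message: a macro-bearing .doc stub and a clean .docx."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "user@example.com"
    msg.set_content("Please review the attached form.")
    stub = OLE_MAGIC + b"\x00" * 64 + VBA_MARKERS[0]  # not a real document
    clean = io.BytesIO()
    with zipfile.ZipFile(clean, "w") as archive:
        archive.writestr("word/document.xml", "<w:document/>")
    msg.add_attachment(stub, maintype="application", subtype="msword", filename="notice.doc")
    msg.add_attachment(clean.getvalue(), maintype="application",
                       subtype="octet-stream", filename="form.docx")
    return msg.as_bytes()
```

Because it matches stream names rather than parsing the container, this check is a first-pass filter; it does not replace an Office policy that blocks macros in files received from the internet.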

ESTsecurity's antivirus program ALYac currently detects this malware as 'Trojan.Downloader.DOC.Gen', and the company is continuing to respond to additional variants.

An ESRC official stated, "The techniques of hacking emails distributed by cyber threat organizations are becoming increasingly sophisticated and tricky," and "The unauthorized external leakage of unspecified numbers of PC information through hacking emails can be seen as a preliminary stage that may lead to unexpected additional harm," urging users to be vigilant.

Meanwhile, ESTsecurity is closely sharing related cyber threat information with authorities such as the Korea Internet & Security Agency (KISA) to prevent the spread of known threats.

