#AhnLabSecurity

South Korean ERP Vendor’s Server Hacked to Spread Xctdoor Malware

by

July 3, 2024 at 12:15AM An unnamed South Korean enterprise resource planning (ERP) vendor’s product update server was compromised, leading to the delivery of a Go-based backdoor called Xctdoor. AhnLab Security Intelligence Center identified the attack, which shares similarities with tactics used by the infamous Lazarus Group. The attack also involved a malware injector called … Read more

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining

by

December 27, 2023 at 01:06AM Adversaries are targeting poorly secured Linux SSH servers to install malware for carrying out cryptocurrency mining and DDoS attacks. AhnLab Security Emergency Response Center warns of installing scanners and selling breached IP and account credentials on the dark web. To mitigate risks, users are advised to use strong, updated passwords … Read more