List of “DarkHotel”

  • Attack Convincing Users to Download a Malware-Containing Shortcut File Malware
    Attack Convincing Users to Download a Malware-Containing Shortcut File
    Beginning in April 2019, JPCERT/CC has been observing attacks where targeted emails are distributed to Japanese organisations, aiming to convince recipients to download a malicious shortcut file. These emails contain a link to a shortcut file on a cloud service. When this shortcut file is executed, a downloader launches. This article is to describe the details of the downloader and the behaviour that follows. How the downloader is launched The...

    Read more

  • Asruex: Malware Infecting through Shortcut Files Malware
    Asruex: Malware Infecting through Shortcut Files
    JPCERT/CC has been observing malicious shortcut files that are sent as email attachments to a limited range of organisations since around October 2015. When this shortcut file is opened, the host will be infected with malware called “Asruex”. The malware has a remote controlling function, and attackers sending these emails seem to attempt intruding into the targets’ network using the malware. According to a blog article by Microsoft, the malware...

    Read more