← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Malicious campaign targets South Korean users with backdoor-laced torrents
WHITE AlienVault 2019-07-08 Modified: 2019-07-08
158
IOCs
HIGH VOLUME
Fans of Korean TV should be on the lookout for an ongoing campaign spreading malware via torrent sites, using South Korean movies and TV shows as a guise. The malware allows the attacker to connect the compromised computer to a botnet and control it remotely.
Indicators of Compromise (9 / 158 total)
All FileHash-SHA256 domain FileHash-SHA1
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 8309fed85a75aed1f86952abc3b7fc4b6446a88cfebddb8efda0b3a84dee0dc1 2019-07-08
FileHash-SHA256 8e51055d439d6a3ed920e7cfdcb1e6f2402ee5111c3b33e01f803d5c20a30dd5 2019-07-08
FileHash-SHA256 3415a2b4d06705c8fe1dd9d94f8041156352471b466cb3d7e80e8b1c210b7ecf 2019-07-08
FileHash-SHA256 61d46c0ceb504e514fad351c4797e439edb212c829f8d4ca44568980863532e9 2019-07-08
FileHash-SHA256 6f1ca0c348312d2b77f0019331ba2ac2c3a0dec9dcc070a95ba8c3636a3b3549 2019-07-08
FileHash-SHA256 20da13b8dfccb4c734c5143f2cf826c1e13b155bae1ef87d2605944a0095019c 2019-07-08
FileHash-SHA256 32d433a2d605b44d929acc8f722ede74d4d9f751108ac4acc63ab05a1b27dce4 2019-07-08
FileHash-SHA256 1011259197060b8601e9404e6e6ec1d07002de38c6fbc48c46e0c96e26d92e77 2019-07-08
FileHash-SHA256 1418607c0912d8ac4b53659e9a5893d7ff8eed0d5930b0117ffa0fb55ee3c68e 2019-07-08
References (1)
↗ https://www.welivesecurity.com/2019/07/08/south-korean-users-backdoor-torrents/