Tech Report

Find the latest threat intelligences direct from AhnLab’s security experts

Threat Analysis

Full Discloser of Andariel, a Subgroup of Lazarus Threat Group

This report describes the several cyberattacks by Andariel Threat Group including main methods, and changes in their purpose and targets

PDF Downloads

In-depth Analysis

Detailed Analysis of Red Eyes Hacking Group

This report takse a closer look at the main activities of Red Eyes and another group that may be affiliated with it.

PDF Downloads

Issue Report

  • Analysis Report on Attacks Targeting South Korea

    This report shows attacks targeting South Korea; attack method and hacking groups.

    PDF Downloads
  • Targeted Attacks on Defense Industry

    This report presents analysis of attacks on defense industry which can be serious concerns to national security.

    PDF Downloads
  • Analysis Report on WannaCryptor

    This report presents analysis on WannaCryptor, also known as WannaCry and Wcrypt, which has quickly spread worldwide.

    PDF Downloads
  • Ransomware Trends to Watch

    This report presents ransomware trends that have evolved more quickly and become more diverse since 2016.

    PDF Downloads
  • Locky Ransomware Variants Cropping Up Continuously

    This report presents the Locky ransomware variants and the most practical ransomware response strategy.

    PDF Downloads
  • [Analysis of Zero-Day Exploit #04: Almighty Zero-day Attack: GodMode (CVE-2014-6332)]

    This report presents what GodMode is and how attackers are able VBScript in web browser to perform malicious behaviors by GodMode.

    PDF Downloads
  • [Analysis of Zero-Day Exploit #03: Heap-based Buffer Overflow Vulnerability in Adobe Flash Player]

    This report shows a detailed analysis of the vulnerability of CVE-2014-0556, which affects both web browsers and document files (PDF or MS Office) containing Flash content.

    PDF Downloads
  • [Analysis of Zero-Day Exploit #02: Windows OLE Remote Code Execution Vulnerability]

    This report presents how attackers exploit the zero-day vulnerability "CVE-2014-4114" and execute arbitrary codes via a crafted OLE object in an Office document.

    PDF Downloads