216.73.217.64

July 2025 APT Attack Trends Report (South Korea)

· Published 19/08/2025 16:07 · Modified 19/08/2025 21:21

Export JSON

Essential information

Published
19/08/2025 16:07
Modified
19/08/2025 21:21
Tags
2025-08-19 apt dropbox api google drive lnk files rat rokrat south korea spear-phishing xenorat
Related entities
9 techniques (mitre), 2 malware, 3 others

Description

The report analyzes Advanced Persistent Threat () attacks in during July 2025. Spear phishing was the primary attack method, with being the most common vector. Two types of LNK-based attacks were identified: Type A, which uses compressed CAB files containing malicious scripts, and Type B, which executes malware like and . The attacks targeted various sectors, including finance and blockchain, using sophisticated techniques such as email spoofing and exploiting product vulnerabilities. The report provides detailed information on file names, MD5 hashes, URLs, and IP addresses associated with these attacks, highlighting the ongoing threat to South Korean organizations.

External references