This article has been indexed from Securelist
In April 2021, we observed a suspicious Word document with a Korean file name and decoy. It revealed a novel infection scheme and an unfamiliar payload. After a deep analysis, we came to a conclusion: the Andariel group was behind these attacks.
Read the original article: Andariel evolves to target South Korea with ransomware