ASEC Blog publishes Ransom & Dark Web Issues Week 1, May 2026         Guatemalan Government Agency Data Sold on DarkForums BlackWater Ransomware Attack Targets Chinese Auto Parts Manufacturer Japanese Fintech Firm Suffers Unauthorized GitHub Access

ASEC Blog publishes Ransom & Dark Web Issues Week 5, April 2026           Emergence of a new ransomware group, M3RX Data from a South Korean religious organization sold on DarkForums ShinyHunters claims a data leak from a US interactive media company

ASEC Blog publishes Ransom & Dark Web Issues Week 4, April 2026           ShinyHunters Claims Data Breach Involving Major U.S. Convenience Store Chain ShinyHunters Claims Theft of Internal Data and Source Code from U.S. Software Development Firm Emergence of New Data Extortion Group: Prinz Eugen

Content. a number of malware samples including phishing, web shell, droppers, backdoor malware, downloaders, Infostealer, and CoinMiner targeting the financial sector have been distributed. we observed a number of cases where Korean disguised attachment names and HTML/JS execution methods were utilized to propagate phishing. account compromise campaigns through the Telegram API were confirmed, with approximately […]

ASEC Blog publishes Ransom & Dark Web Issues Week 3, April 2026           Emergence of New Ransomware Groups: TiMC, BlackWater, and Lamashtu [1], [2], [3] NoName05716 Claims DDoS Attacks on South Korean Public & Private Sectors [1], [2], [3] VECT & TeamPCP Campaign: Supply Chain Attack Exploiting Global Travel Platform

Alert this report is a summary of deep web and dark web source-based material and contains some facts that cannot be fully verified due to the nature of the sources. Major Issues BreachForums’ internal collapse and attempts to rebuild were observed. trust was undermined by the betrayal of moderators and the movement of funds, and […]

Alerts this report is based on reports of data breaches and the sale of initial access rights posted on deep web-dark web forums. some parts of the report contain information that cannot be fully verified as factual due to the nature of the source. Major Issues Multiple breach claims by ShinyHunters. a wide range of […]

ASEC Blog publishes Ransom & Dark Web Issues Week 2, April 2026           Emergence of New Ransomware Group ‘KryBit’ Gunra, Ransomware Attack Targeting South Korean Pharmaceutical Company DragonForce, Ransomware Attack Targeting Egyptian Generic Drug Developer and Manufacturer

introduction: What is BreachForums? Who is BreachForums? BreachForums is a criminal marketplace where hackers buy and sell personal information (emails, passwords, credit card information, etc.) stolen from companies or government agencies. it is a large online community with hundreds of thousands of members, a platform where compromised databases are posted and traded, and where hacking […]

ASEC Blog publishes Ransom & Dark Web Issues Week 1, April 2026           Ransomware group NetRunner attack against the Indian subsidiary of a South Korean auto parts manufacturer Ransomware group Everest attack against a major Japanese automaker ShinyHunters claims of source code and internal data leak from a U.S. network infrastructure […]

ASEC Blog publishes Ransom & Dark Web Issues Week 4, March 2026           Japanese Automaker Suffers Personal Data Breach via Unauthorized External Access INC Ransom Targets South Korean Steel Manufacturer in Ransomware Attack LeakBase Forum Administrator Arrested in Russia

ASEC Blog publishes Ransom & Dark Web Issues Week 3, March 2026           New Threat Actor CipherForce Claims Cyberattack on South Korean Job Portal New Threat Actor Loki Emerges, Leaks US Citizens’ Personal Data Cybercrime Forum LeakBase Shut Down Again by Russian Authorities

This report comprehensively covers actual cyber threats and related security issues targeting financial institutions in South Korea and abroad. It includes analysis of malware and phishing cases distributed targeting the financial sector, presents the Top 10 major malware targeting the financial sector, and provides statistics on the industry sectors of South Korean accounts leaked via […]

ASEC Blog publishes Ransom & Dark Web Issues Week 2, March 2026         Qilin ransomware attack targeting a well-known dermatology clinic in South Korea and the Korean branch of a global advertising company [1], [2] KillSec and Everest ransomware attacks targeting a South Korean exhibition management platform and an elevator manufacturer [1], […]

ASEC Blog publishes Ransom & Dark Web Issues Week 1, March 2026         Morpheus Launches Ransomware Attack on South Korean Plating Company Ailock Resumes Activity and Republishes Previous Ransomware Victims Pro-Iranian and Pro-Islamist Hacktivist Groups Launch Cyber Attacks on Middle Eastern and Pro-Western Targets [1], [2]

ASEC Blog publishes Ransom & Dark Web Issues Week 4, Fabruary 2026           Source code of a South Korean accounting automation solution provider sold on BreachForums Beast ransomware attack targeting a South Korean pharmaceutical company and battery safety component manufacturer [1], [2] Atomsilo resumes activity and discloses new victim

ASEC Blog publishes Ransom & Dark Web Issues Week 3, Fabruary 2026           Anubis and The Gentlemen launch ransomware attacks targeting a South Korean plastics manufacturer and an IT consulting company [1], [2] Emergence of the new ransomware group Payload ShinyHunters claims data breach involving a well-known Canadian apparel manufacturer

This report comprehensively addresses actual cyber threats and related security issues that have occurred in domestic and international financial sector companies. It includes an analysis of malware and phishing cases disseminated targeting the financial sector, presents the top 10 major malware aimed at the financial sector, and provides statistics on industries of domestic accounts leaked […]

ASEC Blog publishes Ransom & Dark Web Issues Week 2, February 2026           Beast, Ransomware Attack Targeting a South Korean Aerospace Component Manufacturer RipperSec, Claims of DDoS Attacks Targeting South Korean Exhibition Centers, Military Training Grounds, Associations, and Defense-related Companies [1], [2], [3], [4] NoName05716, Claims of DDoS Attacks Targeting the […]

ASEC Blog publishes Ransom & Dark Web Issues Week 1, Fabruary 2026         Qilin Targets South Korean Public Broadcaster with Ransomware Confidential Military Data from U.S. Aerospace Composites Manufacturer Sold on BreachForums ShinyHunters Leaks Data from Two Prestigious U.S. Private Universities