Skip to main content

North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs

posted onJanuary 7, 2022
by l33tdawg
Security Affairs
Credit: Security Affairs

Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants.

The APT group carried out spear-phishing attacks using New Year’s Eve festivities as a lure. Upon opening the malicious email attachment, a multi-stage attack chain starts, the final payload is a new version of the Konni RAT family.

“The malicious activity starts from an email containing a malicious zip file, which once decompressed drops a malicious downloader able to activate a complex chain of actions finalized to deploy Konni RAT malware, named scrnsvc.dll, as Windows service.” reads the report published by Cluster25.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th