By Cluster25 Threat Intel Team
January 3, 2022


Cluster25 analyzed a recent attack linked to the North Korean APT group “Konni” targeting the Russian diplomatic sector, using a New Year’s Eve festivities theme as a spear-phishing lure.

Once the malicious email attachment is opened and executed, a multi-stage chain is triggered, allowing the actor to install an implant belonging to the Konni RAT family as the final payload.
