3 matches found
APT37 employs Konni malware to target high-level organizations
Threat Level Actor Report For a detailed advisory, download the pdf file here Summary The Konni remote access trojan, which is widely used malware by the APT37, is used in the attack campaign to take advantage of high-value targets from countries like the Czech Republic, Poland, and many others...
New variant of Konni malware used in campaign targetting Russia
This blog post was authored by Hossein Jazi In late July 2021, we identified an ongoing spear phishing campaign pushing Konni Rat to target Russia. Konni was first observed in the wild in 2014 and has been potentially linked to the North Korean APT group named APT37. We discovered two documents...
Phishing Emails Used to Deploy KONNI Malware
Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. The Cybersecurity and Infrastructure Security Agency CISA has observed cyber actors using emails containi...