Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

North Korean Hackers Greet Russian Diplomats with Malware

published on 2022-01-06 14:26:09 UTC by CISOMAG
Content:

Security experts uncovered a North Korean-linked cyberespionage group targeting Russian embassy diplomats with weaponized email attachments. Dubbed Konni, the threat actor group reportedly sent New Year greeting emails embedded with malware to infect the victim’s device. The Konni malware campaign has been active since December 2021, according to researchers from Cluster25.

Konni Remote Access Trojan

Cluster25 researchers claim that attackers distributing malicious ZIP files contained a Windows screensaver (.scr) file citing holiday greetings. Once the user opens the file, the Konni remote access trojan (RAT) malware automatically gets downloaded onto the device.

Also Read: Researchers Uncover North Korean Threat Actor Group TA406 Targeting Diplomats

“These emails used the New Year Eve 2022 festivity as decoy theme. Contrary to its past actions, the North Korean APT group this time did not use malicious documents as attachments; instead, they attached a .zip file type named ‘поздравление.zip’, which means ‘congratulation’ in Russian, containing an embedded executable representing the first stage of the infection,” Cluster25 said.

Attacks From North Korean Actors Continue

State-sponsored actors from North Korea continue to target critical organizations worldwide. According to a cyberthreat research report from Proofpoint, the North Korean actors mostly target individuals from North America, Russia, and China. Tracked as Threat Actor 406 (TA406), the campaign reportedly stole users’ credentials and sensitive financial data from high-level officials, law enforcement officers, and experts in economics and finance.

The attackers have targeted the victims by masquerading as Russian diplomats and academics, representatives of the Ministry of Foreign Affairs of the Russian Federation, human rights officials, or Korean individuals. TA406 has also targeted individuals and organizations related to cryptocurrency for financial gain.

The post North Korean Hackers Greet Russian Diplomats with Malware appeared first on CISO MAG | Cyber Security Magazine.

Article: North Korean Hackers Greet Russian Diplomats with Malware - published almost 3 years ago.

https://cisomag.eccouncil.org/north-korean-hackers-greet-russian-diplomats-with-malware/   
Published: 2022 01 06 14:26:09
Received: 2022 01 06 14:46:35
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security
Views: 0

Custom HTML Block

Click to Open Code Editor