lazarusholic

Everyday is lazarus.dayβ

NickelJuniper

SecureWorks
https://www.secureworks.com/research/threat-profiles/nickel-juniper
"NICKEL JUNIPER is a targeted threat group that CTU researchers assess with moderate confidence conducts espionage on behalf of the North Korean government. The group has targeted South Korea and Russia, with a focus on government entities and the cryptotcurrency industry. NICKEL JUNIPER typically uses phishing as an initial infection vector and has displayed financial and intelligence gathering motivations. The group has leveraged the WinRAR vulnerability (CVE-2023-38831) and also has displayed a preference for scripting languages such as VBScript and Windows Batch for intermediary infection stages. The group has displayed overlaps with NICKEL FOXCROFT and NICKEL KIMBALL."

- SecureWorks, https://www.secureworks.com/research/threat-profiles/nickel-juniper

Also known as

 
Name Named by AKA First seen Last seen
CrookedPisces PaloaltoNetworks Konni 2021-09-30 2021-09-30
Hermit Tencent Konni 2020-04-24 2020-04-24
Konni CiscoTalos - 2017-05-03 2025-01-24
NickelJuniper SecureWorks Konni - 2024-10-08
Osmium Microsoft Konni 2021-10-07 2022-11-07
SectorA07 NSHC Konni 2020-03-12 2025-02-06
TA406 Proofpoint Konni 2021-11-19 2021-11-19
Vedalia Symantec Konni 2024-04-07 2024-10-04
puNK-001 S2W Konni 2024-08-22 -
puNK-003 S2W Konni 2024-08-22 2024-08-22

Reports